From 03b02e32775f8a9d06c120ef21ea216d6fe927bc Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Tue, 29 Aug 2017 12:52:32 +0100 Subject: [PATCH] Prevent NULL pointer dereference in x509_ocsp.c Add a check at the beginning of the function mbedtls_x509_ocsp_response_free() to ensure that the pointer passed to is not NULL. This prevent a NULL pointer dereference that could lead to crashes. --- library/x509_ocsp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/x509_ocsp.c b/library/x509_ocsp.c index 8de9959eb4..dbd0b7ac4e 100644 --- a/library/x509_ocsp.c +++ b/library/x509_ocsp.c @@ -79,7 +79,9 @@ void mbedtls_x509_ocsp_response_free( mbedtls_x509_ocsp_response *resp ) { mbedtls_x509_ocsp_single_response *cur, *next; - if( resp->resp_type.p == NULL ) + if( resp == NULL ) + return; + else if( resp->raw.p == NULL ) goto exit; /* Free list of certificates */