From: Ayala Beker <ayala.beker@xxxxxxxxx> Fix possible null pointer dereference in check_ocsp_resp(). Signed-off-by: Ayala Beker <ayala.beker@xxxxxxxxx> --- src/crypto/tls_openssl_ocsp.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/crypto/tls_openssl_ocsp.c b/src/crypto/tls_openssl_ocsp.c index 37c87f4..4e1c6b9 100644 --- a/src/crypto/tls_openssl_ocsp.c +++ b/src/crypto/tls_openssl_ocsp.c @@ -562,6 +562,8 @@ enum ocsp_result check_ocsp_resp(SSL_CTX *ssl_ctx, SSL *ssl, X509 *cert, if (basic->certs) { untrusted = sk_X509_dup(basic->certs); + if (!untrusted) + goto fail; num = sk_X509_num(basic->certs); for (i = 0; i < num; i++) { -- 1.9.1 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap