Add NULL checks on key copy

wolfSSL · Sep 23, 2024 · cad2bbd · cad2bbd
1 parent 634e547
commit cad2bbd
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 8 deletions.
diff --git a/src/internal.c b/src/internal.c
@@ -6830,10 +6830,18 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
 #endif
 #ifndef WOLFSSL_BLIND_PRIVATE_KEY
 #ifdef WOLFSSL_COPY_KEY
-    AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
-        ctx->privateKey->length, ctx->privateKey->type,
-        ctx->privateKey->heap);
-    ssl->buffers.weOwnKey = 1;
+    if (ctx->privateKey != NULL) {
+        if (ssl->buffers.key != NULL) {
+            FreeDer(&ssl->buffers.key);
+        }
+        AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
+            ctx->privateKey->length, ctx->privateKey->type,
+            ctx->privateKey->heap);
+        ssl->buffers.weOwnKey = 1;
+    }
+    else {
+        ssl->buffers.key      = ctx->privateKey;
+    }
 #else
     ssl->buffers.key      = ctx->privateKey;
 #endif

diff --git a/src/ssl.c b/src/ssl.c
@@ -20411,10 +20411,18 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
 #endif
 #ifndef WOLFSSL_BLIND_PRIVATE_KEY
 #ifdef WOLFSSL_COPY_KEY
-    AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
-        ctx->privateKey->length, ctx->privateKey->type,
-        ctx->privateKey->heap);
-    ssl->buffers.weOwnKey = 1;
+    if (ctx->privateKey != NULL) {
+        if (ssl->buffers.key != NULL) {
+            FreeDer(&ssl->buffers.key);
+        }
+        AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
+            ctx->privateKey->length, ctx->privateKey->type,
+            ctx->privateKey->heap);
+        ssl->buffers.weOwnKey = 1;
+    }
+    else {
+        ssl->buffers.key      = ctx->privateKey;
+    }
 #else
     ssl->buffers.key      = ctx->privateKey;
 #endif