From 2013286ddfd847433e517f8bd8dc1a0a7da53a40 Mon Sep 17 00:00:00 2001
From: brad <>
Date: Wed, 17 Mar 2004 18:07:42 +0000
Subject: MFC: Fix by markus@

avoid null-pointer deref (aka CAN-2004-0079)
see http://www.openssl.org/news/secadv_20040317.txt

ok deraadt@ markus@
---
 src/lib/libssl/src/ssl/s3_pkt.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c
index 3f88429e79..9f3e5139ad 100644
--- a/src/lib/libssl/src/ssl/s3_pkt.c
+++ b/src/lib/libssl/src/ssl/s3_pkt.c
@@ -1085,6 +1085,14 @@ start:
 			goto err;
 			}
 
+		/* Check we have a cipher to change to */
+		if (s->s3->tmp.new_cipher == NULL)
+			{
+			i=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+			goto err;
+			}
+
 		rr->length=0;
 
 		if (s->msg_callback)
-- 
cgit v1.2.3-55-g6feb