From 4ab5d1a3a938b0f6aac4adfd45266ea9421ad4f5 Mon Sep 17 00:00:00 2001
From: doug <>
Date: Mon, 20 Jul 2015 18:31:01 +0000
Subject: Avoid possible NULL deref in openssl(1) s_server.

Fixes Coverity issue 78873.

ok miod@
---
 src/usr.bin/openssl/s_server.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c
index 2422642989..317b1a849f 100644
--- a/src/usr.bin/openssl/s_server.c
+++ b/src/usr.bin/openssl/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.13 2015/07/17 16:09:46 doug Exp $ */
+/* $OpenBSD: s_server.c,v 1.14 2015/07/20 18:31:01 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1132,7 +1132,10 @@ bad:
 
 		if (ctx2) {
 			if (!dhfile) {
-				DH *dh2 = load_dh_param(s_cert_file2);
+				DH *dh2 = NULL;
+
+				if (s_cert_file2 != NULL)
+					dh2 = load_dh_param(s_cert_file2);
 				if (dh2 != NULL) {
 					BIO_printf(bio_s_out, "Setting temp DH parameters\n");
 					(void) BIO_flush(bio_s_out);
-- 
cgit v1.2.3-55-g6feb