authorMiroslav Lichvar <mlichvar@redhat.com>2019-11-06 11:37:10 +0100
committerMiroslav Lichvar <mlichvar@redhat.com>2019-11-06 12:11:31 +0100
commitba6b9689b8952401a54ff9b8ea54ac1cd31c95d0 (patch)
tree1a05c7b8df3d854de6a46693fa0dad9df008de72
parent416b1922ffb912b1f11a20f7a533b7619291eaa0 (diff)
prf: don't crash when called before handshake completion
If a gnutls_prf*() function is called before the handshake is completed, return GNUTLS_E_INVALID_REQUEST instead of crashing. Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
-rw-r--r--lib/prf.c9
-rw-r--r--tests/prf.c8
2 files changed, 17 insertions, 0 deletions
diff --git a/lib/prf.c b/lib/prf.c
index 107f477081..bb76e2ed4e 100644
--- a/lib/prf.c
+++ b/lib/prf.c
@@ -80,6 +80,9 @@ gnutls_prf_raw(gnutls_session_t session,
if (vers && vers->tls13_sem)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+ if (session->security_parameters.prf == NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
ret = _gnutls_prf_raw(session->security_parameters.prf->id,
GNUTLS_MASTER_SIZE, session->security_parameters.master_secret,
label_size, label,
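Review bot: The new `session->security_parameters.prf == NULL` guard in gnutls_prf_raw() only shows that a PRF has been selected, not that the `master_secret` passed to `_gnutls_prf_raw()` just below has been derived. If `prf` is assigned during the handshake before the master secret is filled in (not visible from this hunk, so worth confirming), a call made mid-handshake would pass the guard and return keying material computed from an unset secret. The same guard is added in gnutls_prf_rfc5705() and gnutls_prf() further down, so the caveat applies there as well. Consider testing an explicit handshake-complete condition instead. At minimum, each function's doc comment should gain a line such as `Returns %GNUTLS_E_INVALID_REQUEST if called before the handshake has completed.` The function body starts and continues outside this hunk.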
@@ -165,6 +168,9 @@ gnutls_prf_rfc5705(gnutls_session_t session,
const version_entry_st *vers = get_version(session);
int ret;
+ if (session->security_parameters.prf == NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
if (vers && vers->tls13_sem) {
ret = _tls13_derive_exporter(session->security_parameters.prf,
session,
@@ -309,6 +315,9 @@ gnutls_prf(gnutls_session_t session,
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
}
+ if (session->security_parameters.prf == NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
seed = gnutls_malloc(seedsize);
if (!seed) {
gnutls_assert();
diff --git a/tests/prf.c b/tests/prf.c
index ff839fe73c..c4c7a0dac2 100644
--- a/tests/prf.c
+++ b/tests/prf.c
@@ -283,6 +283,14 @@ static void client(int fd)
gnutls_handshake_set_random(session, &hrnd);
gnutls_transport_set_int(session, fd);
+ if (gnutls_prf(session, 4, "aaaa", 0, 0, NULL, sizeof(err), (char *)&err) !=
+ GNUTLS_E_INVALID_REQUEST ||
+ gnutls_prf_rfc5705(session, 4, "aaaa", 0, NULL, sizeof(err), (char *)&err) !=
+ GNUTLS_E_INVALID_REQUEST) {
+ fprintf(stderr, "unexpected prf error code\n");
+ exit(1);
+ }
+
/* Perform the TLS handshake
*/
do {
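Review bot: gnutls_prf_raw() gets the same guard in lib/prf.c, but the added condition in client() only exercises gnutls_prf() and gnutls_prf_rfc5705(), so a regression in the third entry point would go unnoticed. A third clause such as `gnutls_prf_raw(session, 4, "aaaa", 0, NULL, sizeof(err), (char *)&err) != GNUTLS_E_INVALID_REQUEST` would cover it. The check runs only before the handshake starts. If the library can have a PRF selected while the master secret is still unset, a call from a mid-handshake point would be the more telling test. The failure message would also be easier to act on if it named the call and printed the returned code. client() continues outside the hunk.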