diff options
author | Tim Taubert <ttaubert@mozilla.com> | 2016-02-24 11:05:02 +0100 |
---|---|---|
committer | Tim Taubert <ttaubert@mozilla.com> | 2016-02-24 11:05:02 +0100 |
commit | 305744fcc4181d7c84cbc1ebb550e84d34035c65 (patch) | |
tree | bb245cd70391443603481bb40fb7e53caafa3c53 | |
parent | 2f086b5398a77b7ae58dd7de51dbcf04580b3f97 (diff) | |
download | nss-hg-305744fcc4181d7c84cbc1ebb550e84d34035c65.tar.gz |
Bug 1247688 - Fix possible NULL deref in tls13_HkdfExpandLabelRaw() r=franziskus
-rw-r--r-- | lib/ssl/tls13hkdf.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/ssl/tls13hkdf.c b/lib/ssl/tls13hkdf.c index 637970b14..e3dfe8c62 100644 --- a/lib/ssl/tls13hkdf.c +++ b/lib/ssl/tls13hkdf.c @@ -185,6 +185,10 @@ tls13_HkdfExpandLabelRaw(PK11SymKey *prk, SSLHashType baseHash, label, labelLen, kTlsHkdfInfo[baseHash].pkcs11Mech, outputLen, &derived); + if (rv != SECSuccess || !derived) { + goto abort; + } + rv = PK11_ExtractKeyValue(derived); if (rv != SECSuccess) { goto abort; |