wolfSSL/wolfssl

Missing check on input arguments (NULL dereference)

ManSoSec opened this issue · 1 comments

I noticed this missing argument check here (in HashOutput)
https://github.com/wolfSSL/wolfssl/blob/master/src/internal.c#L6477

While it is done in 2 functions (HashInput and HashOutputRaw) here:
https://github.com/wolfSSL/wolfssl/blob/master/src/internal.c#L6431
https://github.com/wolfSSL/wolfssl/blob/master/src/internal.c#L6550

if (ssl->hsHashes == NULL)
return BAD_FUNC_ARG;

I can send a pull request.

Thank you for bringing this to our attention. I'll go ahead and fix this and the other two issues.