src/ssl_load.c: in ProcessBufferCert(), check ctx for nullness before accessing ctx->verifyNone (fixes -Wnull-dereference reported by multi-test dtls-no-rsa-no-dh after merge of 36e66eb).

douzzer · douzzer · commit cd3e81a656f2 · 2025-12-17T11:01:10.000-06:00
diff --git a/src/ssl_load.c b/src/ssl_load.c
@@ -2064,7 +2064,7 @@ static int ProcessBufferCert(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der)
             }
             /* Don't check if no SSL object verification is disabled for SSL
              * context. */
-            else if ((ssl == NULL) && ctx->verifyNone) {
+            else if ((ssl == NULL) && (ctx != NULL) && ctx->verifyNone) {
                 checkKeySz = 0;
             }
 

Original file line number	Diff line number	Diff line change
`@@ -2064,7 +2064,7 @@ static int ProcessBufferCert(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der)`
`2064`	`2064`	`}`
`2065`	`2065`	`/* Don't check if no SSL object verification is disabled for SSL`
`2066`	`2066`	`* context. */`
`2067`		`- else if ((ssl == NULL) && ctx->verifyNone) {`
	`2067`	`+ else if ((ssl == NULL) && (ctx != NULL) && ctx->verifyNone) {`
`2068`	`2068`	`checkKeySz = 0;`
`2069`	`2069`	`}`
`2070`	`2070`