From fdd8a2f0b85bb5e2a2f23484c306df9cb2a65b69 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 9 Feb 2019 16:10:47 +0200
Subject: [PATCH] TLS client: Fix peer certificate event checking for probing

conn->cred might be NULL here, so check for that explicitly before
checking whether conn->cred->cert_probe is set. This fixes a potential
NULL pointer dereference when going through peer certificates with
event_cb functionality enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/tls/tlsv1_client_read.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tls/tlsv1_client_read.c b/src/tls/tlsv1_client_read.c
index e66f1a988..80874e59d 100644
--- a/src/tls/tlsv1_client_read.c
+++ b/src/tls/tlsv1_client_read.c
@@ -290,7 +290,7 @@ static void tls_peer_cert_event(struct tlsv1_client *conn, int depth,
 		return;
 
 	os_memset(&ev, 0, sizeof(ev));
-	if (conn->cred->cert_probe || conn->cert_in_cb) {
+	if ((conn->cred && conn->cred->cert_probe) || conn->cert_in_cb) {
 		cert_buf = wpabuf_alloc_copy(cert->cert_start,
 					     cert->cert_len);
 		ev.peer_cert.cert = cert_buf;