From 7ea71ead61b85d66c619a20ff3bd680416da6858 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 6 Mar 2023 12:10:50 +0100
Subject: [PATCH] kex: Avoid NULL pointer dereference (GHSL-2023-032)

Thanks Phil Turnbull from Github

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/kex.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/kex.c b/src/kex.c
index 00ee9d1d..42d94ad7 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -321,6 +321,10 @@ static int cmp_first_kex_algo(const char *client_str,
 
     int is_wrong = 1;
 
+    if (client_str == NULL || server_str == NULL) {
+        return is_wrong;
+    }
+
     colon = strchr(client_str, ',');
     if (colon == NULL) {
         client_kex_len = strlen(client_str);