Fix a bug where the ssl context is used after it's nullified

When not using DEBUG_C, but using the DTLS CID feature - a null pointer was accessed in ssl_tls.c. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2025-07-28 00:21:48 +03:00 · 2021-09-29 04:21:21 -04:00
parent 5902cd64e2
commit 324f72ec9c
2 changed files with 15 additions and 2 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -693,8 +693,9 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
    const mbedtls_cipher_info_t *cipher_info;
    const mbedtls_md_info_t *md_info;

-#if !defined(MBEDTLS_DEBUG_C)
-    ssl = NULL; /* make sure we don't use it except for this case */
+#if !defined(MBEDTLS_DEBUG_C) && \
+    !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    ssl = NULL; /* make sure we don't use it except for these cases */
    (void) ssl;
 #endif