Verify ffi object is not null before dereferencing it

This shouldn't even happen if the header is still intact, but seemingly it can: #1983 so be robust as possible.
author: Jack Lloyd <[email protected]> 2019-05-28 20:58:23 -0400
committer: Jack Lloyd <[email protected]> 2019-05-28 20:58:23 -0400
commit: b907f4daf24babef047af2bfa6758f2b7748469e (patch)
tree: 0fed445035d653de5785b7d89abb1645e1e6b468 /src/lib/ffi
parent: 27c5d0f0b8ce1a19edcc8a2c640bd297e2d7e83d (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/src/lib/ffi/ffi_util.h b/src/lib/ffi/ffi_util.h
index 2962b05e1..e77a2debb 100644
--- a/src/lib/ffi/ffi_util.h
+++ b/src/lib/ffi/ffi_util.h
@@ -82,7 +82,11 @@ int apply_fn(botan_struct<T, M>* o, const char* func_name, F func)
    if(o->magic_ok() == false)
       return BOTAN_FFI_ERROR_INVALID_OBJECT;
 
-   return ffi_guard_thunk(func_name, [&]() { return func(*o->unsafe_get()); });
+   T* p = o->unsafe_get();
+   if(p == nullptr)
+      return BOTAN_FFI_ERROR_INVALID_OBJECT;
+
+   return ffi_guard_thunk(func_name, [&]() { return func(*p); });
    }
 
 #define BOTAN_FFI_DO(T, obj, param, block)                              \
author	Jack Lloyd <[email protected]>	2019-05-28 20:58:23 -0400
committer	Jack Lloyd <[email protected]>	2019-05-28 20:58:23 -0400
commit	b907f4daf24babef047af2bfa6758f2b7748469e (patch)
tree	0fed445035d653de5785b7d89abb1645e1e6b468 /src/lib/ffi
parent	27c5d0f0b8ce1a19edcc8a2c640bd297e2d7e83d (diff)