From d886d9f93cffeb6410d27677baac54d4b4e6d8cc Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 14 Dec 2020 06:01:43 -0500
Subject: [PATCH] Fix freeing uninitialized fields from the ssl context

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
---
 library/ssl_tls.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f5d663e42..038e581d5 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -12060,9 +12060,15 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
 #if defined(MBEDTLS_SSL_FREE_SERVER_CERTIFICATE) && \
     defined(MBEDTLS_X509_CRT_PARSE_C) && \
     defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
-    mbedtls_x509_crt_free( ssl->session_negotiate->peer_cert );
-    mbedtls_free( ssl->session->peer_cert );
-    ssl->session->peer_cert = NULL;
+    if( ssl->session_negotiate )
+    {
+        mbedtls_x509_crt_free( ssl->session_negotiate->peer_cert );
+    }
+    if( ssl->session )
+    {
+        mbedtls_free( ssl->session->peer_cert );
+        ssl->session->peer_cert = NULL;
+    }
 #endif /* MBEDTLS_SSL_FREE_SERVER_CERTIFICATE */
 
 #if defined(MBEDTLS_DHM_C)