From 8ab4e5d18c9d259bec64bb2c6f6064c08d139f8c Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 20 Dec 2017 17:21:57 -0700
Subject: [PATCH] fix NULL pointer dereference in wolfSSL_CTX_new() for
 ctx->srp if ctx is NULL

---
 src/ssl.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index d7d66f26b..5caa1e301 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -326,18 +326,19 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
 void wolfSSL_CTX_free(WOLFSSL_CTX* ctx)
 {
     WOLFSSL_ENTER("SSL_CTX_free");
+    if (ctx) {
 #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
 && !defined(NO_SHA256) && !defined(WC_NO_RNG)
-    if (ctx->srp != NULL){
-        if (ctx->srp_password != NULL){
-            XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP);
+        if (ctx->srp != NULL){
+            if (ctx->srp_password != NULL){
+                XFREE(ctx->srp_password, ctx->heap, DYNAMIC_TYPE_SRP);
+            }
+            wc_SrpTerm(ctx->srp);
+            XFREE(ctx->srp, ctx->heap, DYNAMIC_TYPE_SRP);
         }
-        wc_SrpTerm(ctx->srp);
-        XFREE(ctx->srp, ctx->heap, DYNAMIC_TYPE_SRP);
-    }
 #endif
-    if (ctx)
         FreeSSL_Ctx(ctx);
+    }
 
     WOLFSSL_LEAVE("SSL_CTX_free", 0);
 }