From bbfefd3cde5b69a460ae55cd101aceb710060c0c Mon Sep 17 00:00:00 2001
From: Stanislav Klima <sklima@rockwellautomation>
Date: Wed, 5 Feb 2020 16:59:20 +0100
Subject: [PATCH] Sanity check NULL dereference.

---
 wolfcrypt/src/integer.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c
index 9e45ebdc2..8f955796e 100644
--- a/wolfcrypt/src/integer.c
+++ b/wolfcrypt/src/integer.c
@@ -2846,6 +2846,14 @@ int mp_set_bit (mp_int * a, int b)
 {
     int i = b / DIGIT_BIT, res;
 
+    /*
+     * Require:
+     *  bit index b >= 0
+     *  a->alloc == a->used == 0 if a->dp == NULL
+     */
+    if (b < 0 || (a->dp == NULL && (a->alloc != 0 || a->used != 0)))
+        return MP_VAL;
+
     if (a->dp == NULL || a->used < (int)(i + 1)) {
         /* grow a to accommodate the single bit */
         if ((res = mp_grow (a, i + 1)) != MP_OKAY) {