From 36e66eb7636ebbc9dabc1eb40ecf933c7a210807 Mon Sep 17 00:00:00 2001
From: Ruby Martin <ruby@wolfssl.com>
Date: Tue, 9 Dec 2025 17:04:05 -0700
Subject: [PATCH] check if ctx and ssl are null when checking public key in
 certificate

---
 src/ssl_load.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/ssl_load.c b/src/ssl_load.c
index dc652748c..5b995f013 100644
--- a/src/ssl_load.c
+++ b/src/ssl_load.c
@@ -1607,6 +1607,9 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
 #ifndef NO_RSA
     word32 idx;
 #endif
+    if (ctx == NULL && ssl == NULL) {
+        return BAD_FUNC_ARG;
+    }
 
     /* Get key size and check unless not verifying. */
     switch (cert->keyOID) {