From 550fbcfff7bc5e7f1397b9ea9eccd5063cafd18b Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Thu, 31 Oct 2019 10:07:47 -0600
Subject: [PATCH] add null checks (QSH and CRYPTOCELL)

---
 src/internal.c      |  6 ++++--
 wolfcrypt/src/ecc.c | 20 ++++++++++++++++++--
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 5d5115c74..8c25660e3 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -20726,7 +20726,7 @@ static int QSH_GenerateSerCliSecret(WOLFSSL* ssl, byte isServer)
     int offset   = 0;
     word32 tmpSz = 0;
     buffer* buf;
-    QSHKey* current = ssl->peerQSHKey;
+    QSHKey* current;
     QSHScheme* schmPre = NULL;
     QSHScheme* schm    = NULL;
 
@@ -20735,6 +20735,7 @@ static int QSH_GenerateSerCliSecret(WOLFSSL* ssl, byte isServer)
 
     WOLFSSL_MSG("Generating QSH secret key material");
 
+    current = ssl->peerQSHKey;
     /* get size of buffer needed */
     while (current) {
         if (current->pub.length != 0) {
@@ -20816,11 +20817,12 @@ static int QSH_GenerateSerCliSecret(WOLFSSL* ssl, byte isServer)
 static word32 QSH_KeyGetSize(WOLFSSL* ssl)
 {
     word32 sz = 0;
-    QSHKey* current = ssl->peerQSHKey;
+    QSHKey* current;
 
     if (ssl == NULL)
         return -1;
 
+    current = ssl->peerQSHKey;
     sz += OPAQUE16_LEN; /* type of extension ie 0x00 0x18 */
     sz += OPAQUE24_LEN;
     /* get size of buffer needed */
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 7b6630508..509f8bbea 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -4037,12 +4037,20 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
     CRYS_ECPKI_KG_TempData_t    tempBuff;
     CRYS_ECPKI_KG_FipsContext_t fipsCtx;
     byte ucompressed_key[ECC_MAX_CRYPTO_HW_SIZE*2 + 1];
-    word32 raw_size = (word32) (key->dp->size)*2 + 1;
+    word32 raw_size;
 #endif
     if (key == NULL || rng == NULL) {
         return BAD_FUNC_ARG;
     }
 
+#if defined(WOLFSSL_CRYPTOCELL)
+    if (key->dp == NULL) {
+        WOLFSSL_MSG("ECC internal dp structure was NULL");
+        return BAD_FUNC_ARG;
+    }
+
+    raw_size = (word32) (key->dp->size)*2 + 1;
+#endif
     /* make sure required variables are reset */
     wc_ecc_reset(key);
 
@@ -7232,13 +7240,21 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
     const CRYS_ECPKI_Domain_t* pDomain;
     CRYS_ECPKI_BUILD_TempData_t tempBuff;
     byte key_raw[ECC_MAX_CRYPTO_HW_SIZE*2 + 1];
-    word32 keySz = key->dp->size;
+    word32 keySz;
 #endif
     /* if d is NULL, only import as public key using Qx,Qy */
     if (key == NULL || qx == NULL || qy == NULL) {
         return BAD_FUNC_ARG;
     }
 
+#if defined(WOLFSSL_CRYPTOCELL)
+    if (key->dp == NULL) {
+        WOLFSSL_MSG("ECC internal dp structure was NULL");
+        return BAD_FUNC_ARG;
+    }
+
+    keySz = (word32) (key->dp->size)*2 + 1;
+#endif
     /* make sure required variables are reset */
     wc_ecc_reset(key);