From b46545315c271a624586c93e0b1aef3ac0de2563 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh <jacob@wolfssl.com>
Date: Wed, 25 Oct 2023 08:44:11 -0600
Subject: [PATCH 1/2] fix for possible null dereference warning

---
 src/ocsp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ocsp.c b/src/ocsp.c
index 78b1f0e84..eca389493 100644
--- a/src/ocsp.c
+++ b/src/ocsp.c
@@ -859,8 +859,8 @@ int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
             WOLFSSL_X509* x = wolfSSL_sk_X509_value(certs, idx);
             int derSz = 0;
             const byte* der = wolfSSL_X509_get_der(x, &derSz);
-
-            if (derSz == (int)bs->certSz && XMEMCMP(bs->cert, der, derSz) == 0) {
+            if (der != NULL && derSz == (int)bs->certSz &&
+                    XMEMCMP(bs->cert, der, derSz) == 0) {
                 ret = WOLFSSL_SUCCESS;
                 goto out;
             }

From 6538ed1c39dade4e09573da85d608dc013b1beb6 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh <jacob@wolfssl.com>
Date: Wed, 25 Oct 2023 09:52:35 -0600
Subject: [PATCH 2/2] coverity fix for CID 327268

---
 src/ssl.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index ae8ca740d..9ba44df3f 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -8715,9 +8715,10 @@ int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)
 int wolfSSL_SetCRL_IOCb(WOLFSSL* ssl, CbCrlIO cb)
 {
     WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");
-    SSL_CM_WARNING(ssl);
-    if (ssl)
+    if (ssl) {
+        SSL_CM_WARNING(ssl);
         return wolfSSL_CertManagerSetCRL_IOCb(SSL_CM(ssl), cb);
+    }
     else
         return BAD_FUNC_ARG;
 }