File gnutls-PSK-hash-NULL-check.patch of Package gnutls.42640
From 33034a91c2c1f38bad19e747d3021885d54bfb44 Mon Sep 17 00:00:00 2001
From: Wilfred Mallawa <wilfred.mallawa@wdc.com>
Date: Mon, 18 Aug 2025 12:40:57 +1000
Subject: [PATCH 2886/3000] lib/psk: add null check for binder algo
Currently, `pskcred->binder_algo` is used without checking first if it
is valid. This can lead to a NULL pointer dereference in cases such as
[1]. This patch adds a NULL check for `pskcred->binder_algo` before using it.
This also makes it more explicit in
gnutls_psk_allocate_server_credentials2() that `pskcred->binder_algo
== NULL` indicates auto-detection, while avoiding the linear lookup
for a NULL entry.
[1] https://gitlab.com/gnutls/gnutls/-/issues/1729
Fix Suggested by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
index d709efa74..82a16e02c 100644
--- a/lib/ext/pre_shared_key.c
+++ b/lib/ext/pre_shared_key.c
@@ -886,9 +886,9 @@ retry_binder:
gnutls_psk_key_flags flags;
uint8_t ipsk[MAX_HASH_SIZE];
- prf = pskcred->binder_algo;
- if (prf->id == GNUTLS_MAC_UNKNOWN)
- prf = _gnutls_mac_to_entry(mac);
+ prf = pskcred->binder_algo == NULL ?
+ _gnutls_mac_to_entry(mac) :
+ pskcred->binder_algo;
/* this fails only on configuration errors; as such we always
* return its error code in that case */
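Review bot: The meaning of a NULL `binder_algo` is not stated where it is consumed, yet both this assignment and the retry condition in the next hunk (`pskcred->binder_algo == NULL && mac == GNUTLS_MAC_SHA384`) depend on it. A one-line comment above the assignment, such as `/* binder_algo == NULL: no fixed binder hash configured, derive it from mac */`, would document the convention at both points of use. The function body continues outside this hunk, so it is not visible whether `prf` is checked for NULL before it is dereferenced. That is worth confirming, because `_gnutls_mac_to_entry(mac)` is now the only remaining source of a NULL `prf`.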
@@ -983,7 +983,7 @@ retry_binder:
* even for SHA384 PSKs, so we need to retry with SHA256
* to calculate the correct binder value for those.
*/
- if (prf->id == GNUTLS_MAC_UNKNOWN && mac == GNUTLS_MAC_SHA384) {
+ if (pskcred->binder_algo == NULL && mac == GNUTLS_MAC_SHA384) {
mac = GNUTLS_MAC_SHA256;
goto retry_binder;
}
diff --git a/lib/psk.c b/lib/psk.c
index 06cf5b03d..f851b3d44 100644
--- a/lib/psk.c
+++ b/lib/psk.c
@@ -256,8 +256,12 @@ int gnutls_psk_allocate_server_credentials2(gnutls_psk_server_credentials_t *sc,
if (*sc == NULL)
return GNUTLS_E_MEMORY_ERROR;
-
- (*sc)->binder_algo = _gnutls_mac_to_entry(mac);
+ /*
+ * For GNUTLS_MAC_UNKNOWN, setting binder_algo to NULL allows
+ * for auto-detction.
+ */
+ (*sc)->binder_algo =
+ (mac == GNUTLS_MAC_UNKNOWN ? NULL : _gnutls_mac_to_entry(mac));
return 0;
}
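Review bot: An unsupported `mac` value would now silently select auto-detection. If `_gnutls_mac_to_entry(mac)` returns NULL when it finds no entry (the commit message implies this for GNUTLS_MAC_UNKNOWN), that NULL is stored in `binder_algo`, where lib/ext/pre_shared_key.c reads it as the auto-detect marker. Consider rejecting that case explicitly: look up the entry first and return `GNUTLS_E_INVALID_REQUEST` when `mac != GNUTLS_MAC_UNKNOWN` and the lookup yields NULL, releasing `*sc` on that path. The allocation of `*sc` is above the hunk, so the matching cleanup call is not visible here. The new comment also has a typo: `auto-detction` should be `auto-detection`.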
--
2.53.0