File gnutls-PSK-hash-NULL-check-pskcred.patch of Package gnutls.42640

From acf67a4a68bc6d9ab7b882469c67f6cf28db56a0 Mon Sep 17 00:00:00 2001
From: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu, 29 Jan 2026 17:38:01 +0100
Subject: [PATCH 699/713] pre_shared_key: add null check on pskcred

Fixes: #1790
Fixes: GNUTLS-SA-2026-02-09-1
Fixes: CVE-2026-1584
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Index: gnutls-3.8.3/lib/ext/pre_shared_key.c
===================================================================
--- gnutls-3.8.3.orig/lib/ext/pre_shared_key.c
+++ gnutls-3.8.3/lib/ext/pre_shared_key.c
@@ -983,7 +983,8 @@ retry_binder:
 		 * even for SHA384 PSKs, so we need to retry with SHA256
 		 * to calculate the correct binder value for those.
 		 */
-		if (pskcred->binder_algo == NULL && mac == GNUTLS_MAC_SHA384) {
+		if (pskcred && pskcred->binder_algo == NULL &&
+		    mac == GNUTLS_MAC_SHA384) {
 			mac = GNUTLS_MAC_SHA256;
 			goto retry_binder;
 		}