From ef189737a3a97bbdeb06825c06121697f62ed50b Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@wolfbeast.com>
Date: Wed, 17 Jul 2019 01:15:00 +0200
Subject: Apply better input checking discipline.

---
 security/nss/lib/freebl/dh.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'security/nss/lib/freebl/dh.c')

diff --git a/security/nss/lib/freebl/dh.c b/security/nss/lib/freebl/dh.c
index 6f2bafda2..b2d6d7430 100644
--- a/security/nss/lib/freebl/dh.c
+++ b/security/nss/lib/freebl/dh.c
@@ -210,7 +210,8 @@ DH_Derive(SECItem *publicValue,
     unsigned int len = 0;
     unsigned int nb;
     unsigned char *secret = NULL;
-    if (!publicValue || !prime || !privateValue || !derivedSecret) {
+    if (!publicValue || !publicValue->len || !prime || !prime->len ||
+        !privateValue || !privateValue->len || !derivedSecret) {
         PORT_SetError(SEC_ERROR_INVALID_ARGS);
         return SECFailure;
     }
-- 
cgit v1.2.3