From e8c959084f014cd3e425b22838fb8a71cf33c2fb Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 6 Mar 2023 12:10:50 +0100
Subject: [PATCH] kex: Avoid NULL pointer dereference (GHSL-2023-032)

Thanks Phil Turnbull from Github

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 src/kex.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/kex.c b/src/kex.c
index 82071c74..2959a962 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -305,6 +305,10 @@ static int cmp_first_kex_algo(const char *client_str,
 
     int is_wrong = 1;
 
+    if (client_str == NULL || server_str == NULL) {
+        return is_wrong;
+    }
+
     colon = strchr(client_str, ',');
     if (colon == NULL) {
         client_kex_len = strlen(client_str);