From 6547254b53bb5446255a4813d6113c1897355bb9 Mon Sep 17 00:00:00 2001
From: "nelsonb%netscape.com" <nelsonb%netscape.com>
Date: Thu, 7 Sep 2000 19:01:48 +0000
Subject: [PATCH] If an application calls SSL_SetURL on an NSPR FD that has NOT
 had SSL "imported" into it, SSL_SetURL will crash.  This change fixes that.

---
 security/nss/lib/ssl/sslsecur.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c
index 2c041844be86..f92cee8ca3e2 100644
--- a/security/nss/lib/ssl/sslsecur.c
+++ b/security/nss/lib/ssl/sslsecur.c
@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: sslsecur.c,v 1.1 2000/03/31 19:35:53 relyea%netscape.com Exp $
+ * $Id: sslsecur.c,v 1.2 2000/09/07 19:01:48 nelsonb%netscape.com Exp $
  */
 #include "cert.h"
 #include "secitem.h"
@@ -1181,6 +1181,11 @@ SSL_SetURL(PRFileDesc *fd, const char *url)
     sslSocket *   ss = ssl_FindSocket(fd);
     int           rv = SECSuccess;
 
+    if (!ss) {
+	SSL_DBG(("%d: SSL[%d]: bad socket in SSLSetURL",
+		 SSL_GETPID(), fd));
+	return SECFailure;
+    }
     ssl_Get1stHandshakeLock(ss);
     ssl_GetSSL3HandshakeLock(ss);