From bc1fca56207598344d1dafac9c2df2d75d135d84 Mon Sep 17 00:00:00 2001
From: kaleb-himes <kaleb@wolfssl.com>
Date: Tue, 25 Oct 2016 10:55:41 -0600
Subject: [PATCH] modified handler to return error on invalid condition post
 review

update
---
 src/internal.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 8df33f987..33c3b2826 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -17564,7 +17564,10 @@ int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
                         #ifndef NO_RSA
                             case rsa_sa_algo:
                             {
-                                if (verifySig == NULL && ssl->sigLen > 0) {
+                                if (verifySig == NULL) {
+                                    if (ssl->sigLen == 0) {
+                                        ERROR_OUT(BAD_COND_E, exit_sske);
+                                    }
                                     verifySig = (byte*)XMALLOC(ssl->sigLen, ssl->heap,
                                                       DYNAMIC_TYPE_TMP_BUFFER);
                                     if (!verifySig) {
@@ -17610,7 +17613,10 @@ int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
                                     break;
                                 }
 
-                                if (verifySig == NULL && ssl->sigLen > 0) {
+                                if (verifySig == NULL) {
+                                    if (ssl->sigLen == 0) {
+                                        ERROR_OUT(BAD_COND_E, exit_sske);
+                                    }
                                     verifySig = (byte*)XMALLOC(ssl->sigLen, ssl->heap,
                                                       DYNAMIC_TYPE_TMP_BUFFER);
                                     if (!verifySig) {