Potential cases of NULL pointer dereferencing

[leorosen]

Summary

This is an umbrella ticket for several cases of problematic code where there exists a potential for NULL-pointer dereferencing.

System information

Expected behavior

Actual behavior

Steps to reproduce

Additional information

[gilles-peskine-arm]

If you submit patches for such issues, please distinguish cases that can actually happen and patches that are just making the code more future-proof or easier to analyze statically. Cases that can actually happen need a changelog entry and preferably a non-regression test. Cases that can't happen need an explanation (e.g. in the PR description) of why they can't happen.

Note that by default, if an Mbed TLS public function takes an argument with a pointer type, it expects this pointer to be valid, i.e. non-null. There are exceptions (some functions do accept a null pointer and return an error status without documenting this), but in general, we don't want to litter the code with if (arg == NULL) return ERROR.

[daverodgman]

Closing this issue (keeping the PRs) - it's fine for the PRs to stand alone without a generic issue, and there's no extra info captured here. Thanks @leorosen for all the contributions!