Set sess to NULL after freeing it. Found by OSS-fuzz Bug introduced in commit 61fb59238dad6452a37ec14513fae617a4faef29 Reviewed-by: Matt Caswell <matt@openssl.org> GH: #6235

commit: 5f96a95e2562f026557f625e50c052e77c7bc2e8 [log] [tgz]
author: Kurt Roeckx <kurt@roeckx.be> Sat May 12 12:08:14 2018 +0200
committer: Kurt Roeckx <kurt@roeckx.be> Sat May 12 12:19:00 2018 +0200
tree: aeddaca07c57a46b157ae72ea01fcd26d2f24cd0
parent: a925e7dbf4c3bb01365c961df86da3ebfa1a6c27 [diff]
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index b312a14..c076782 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -1384,6 +1384,7 @@
         /* Some additional consistency checks */
         if (slen != 0) {
             SSL_SESSION_free(sess);
+            sess = NULL;
             ret = SSL_TICKET_NO_DECRYPT;
             goto end;
         }
commit	5f96a95e2562f026557f625e50c052e77c7bc2e8	[log] [tgz]
author	Kurt Roeckx <kurt@roeckx.be>	Sat May 12 12:08:14 2018 +0200
committer	Kurt Roeckx <kurt@roeckx.be>	Sat May 12 12:19:00 2018 +0200
tree	aeddaca07c57a46b157ae72ea01fcd26d2f24cd0
parent	a925e7dbf4c3bb01365c961df86da3ebfa1a6c27 [diff]