Obtained from:	https://github.com/python/cpython/commit/216a4d83c3b72f4fdcd81b588dc3f42cc461739a

bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (GH-11573)

Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.

--- Modules/_ssl.c.orig
+++ Modules/_ssl.c
@@ -1338,6 +1338,10 @@ _get_crl_dp(X509 *certificate) {
         STACK_OF(GENERAL_NAME) *gns;
 
         dp = sk_DIST_POINT_value(dps, i);
+        if (dp->distpoint == NULL) {
+            /* Ignore empty DP value, CVE-2019-5010 */
+            continue;
+        }
         gns = dp->distpoint->name.fullname;
 
         for (j=0; j < sk_GENERAL_NAME_num(gns); j++) {