generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix off-by-one errors in ssl_cipher_get_evp()

Browse Source 
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays.

    Bug discovered and fixed by Miod Vallat from the OpenBSD team.

    PR#3375
This commit is contained in:
Miod Vallat 2014-06-12 21:25:07 +01:00 committed by Matt Caswell
parent cdc596567d
commit b09db677d5
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/ssl_ciph.c
View File

@ -390,7 +390,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
break; break;
} }
if ((i < 0) || (i > SSL_ENC_NUM_IDX)) if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
*enc=NULL; *enc=NULL;
else else
{ {
@ -412,7 +412,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
i= -1; i= -1;
break; break;
} }
if ((i < 0) || (i > SSL_MD_NUM_IDX)) if ((i < 0) || (i >= SSL_MD_NUM_IDX))
*md=NULL; *md=NULL;
else else
*md=ssl_digest_methods[i]; *md=ssl_digest_methods[i];