mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix off-by-one errors in ssl_cipher_get_evp()

Browse Source 
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays.

PR#3375
This commit is contained in:
Kurt Cancemi 2014-06-04 03:59:58 -04:00 committed by Matt Caswell
parent 977f32e852
commit abfb989fe0
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/ssl_ciph.c
View File

@ -582,7 +582,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
break;
}
if ((i < 0) || (i > SSL_ENC_NUM_IDX))
if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
*enc=NULL;
else
{
@ -616,7 +616,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
i= -1;
break;
}
if ((i < 0) || (i > SSL_MD_NUM_IDX))
if ((i < 0) || (i >= SSL_MD_NUM_IDX))
{
*md=NULL;
if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;