projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f9f6bef)
Avoid out-of-bounds write in SSL_get_shared_ciphers
authorGünther Noack <gnoack@google.com>
Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)
committerMatt Caswell <matt@openssl.org>
Sun, 11 May 2014 22:59:38 +0000 (23:59 +0100)
PR: 3317

ssl/ssl_lib.c patch | blob | history

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cfe40b2fa4311284b012c9cd2696440c0e56229f..4f2a2715def854b976d1fdda6ce3db740d3e2fd8 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1320,6 +1320,9 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
                (len < 2))
                return(NULL);
 
+       if (sk_SSL_CIPHER_num(sk) == 0)
+               return NULL;
+
        p=buf;
        sk=s->session->ciphers;
        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
Unnamed repository; edit this file 'description' to name the repository.