Avoid out-of-bounds write in SSL_get_shared_ciphers

author Günther Noack <gnoack@google.com>

Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)

committer Matt Caswell <matt@openssl.org>

Sun, 11 May 2014 22:57:14 +0000 (23:57 +0100)
author Günther Noack <gnoack@google.com>
Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)
committer Matt Caswell <matt@openssl.org>
Sun, 11 May 2014 22:57:14 +0000 (23:57 +0100)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c

index 6dbc3c1f7d0a7ea02614a123eb82130ba98f653c..6e2711afa6a6636cad58a2568b23e965f7645e3c 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1347,6 +1347,9 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
                 (len < 2))
                 return(NULL);
  
+       if (sk_SSL_CIPHER_num(sk) == 0)
+               return NULL;
+
         p=buf;
         sk=s->session->ciphers;
         for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
author	Günther Noack <gnoack@google.com>
	Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)
committer	Matt Caswell <matt@openssl.org>
	Sun, 11 May 2014 22:57:14 +0000 (23:57 +0100)