Check index >= 0 as 0 is a valid index.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2587)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 43340d4d49f272eb37ff1a261dadc481e2b139c9..d6a841a82fa4241d0c7f64f46b2384183268876a 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1601,7 +1601,7 @@ int tls1_process_sigalgs(SSL *s)
         if (SSL_IS_TLS13(s) && sigptr->sig == EVP_PKEY_RSA)
             continue;
         idx = tls12_get_pkey_idx(sigptr->sig);
-        if (idx > 0 && pmd[idx] == NULL) {
+        if (idx >= 0 && pmd[idx] == NULL) {
             md = ssl_md(sigptr->hash_idx);
             pmd[idx] = md;
             pvalid[idx] = CERT_PKEY_EXPLICIT_SIGN;