Fix uninitialized read in sigalg parsing code
author Benjamin Kaduk <bkaduk@akamai.com>
Fri, 26 Jan 2018 01:30:54 +0000 (19:30 -0600)
committer Benjamin Kaduk <bkaduk@akamai.com>
Fri, 26 Jan 2018 01:40:35 +0000 (19:40 -0600)

The check for a duplicate value was reading one entry past
where it was supposed to, getting an uninitialized value.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5172)

ssl/t1_lib.c

index d4c9086e5af1357a2fb3cfb1b65c1816bf97da1b..7109741a7dca1b4aa1682b330d77a9b7e667e218 100644 (file)
@@ -1781,7 +1781,7 @@ static int sig_cb(const char *elem, int len, void *arg)
 
     /* Reject duplicates */
     for (i = 0; i < sarg->sigalgcnt - 1; i++) {
-        if (sarg->sigalgs[i] == sarg->sigalgs[sarg->sigalgcnt]) {
+        if (sarg->sigalgs[i] == sarg->sigalgs[sarg->sigalgcnt - 1]) {
             sarg->sigalgcnt--;
             return 0;
         }
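
Review bot: In the duplicate-check loop the index of the entry under test, `sarg->sigalgcnt - 1`, now appears twice, once in the loop bound and once in the subscript, and the defect fixed here was those two getting out of step. Consider hoisting it into a local (for example `last = sarg->sigalgcnt - 1`) used in both places, and extending the `/* Reject duplicates */` comment to say that the candidate is the last stored entry, which `sarg->sigalgcnt--` then drops. The diff as shown touches only ssl/t1_lib.c; a test that passes a list with a repeated entry through this callback would keep the comparison from regressing.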