From 9b01779cbf321d23fe45cc7e3abe7a2081ab69d4 Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 23 Sep 2017 14:49:03 +0200 Subject: [PATCH] Use curve_id not the nid Found by OSS-Fuzz and the tests Reviewed-by: Andy Polyakov GH: #4410 --- ssl/t1_lib.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index fd26595007..67b06f261a 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -462,7 +462,7 @@ int tls1_set_groups_list(uint16_t **pext, size_t *pextlen, const char *str) static int tls1_set_ec_id(uint16_t *pcurve_id, unsigned char *comp_id, EC_KEY *ec) { - int id; + int curve_nid; const EC_GROUP *grp; if (!ec) return 0; @@ -471,8 +471,8 @@ static int tls1_set_ec_id(uint16_t *pcurve_id, unsigned char *comp_id, if (!grp) return 0; /* Determine curve ID */ - id = EC_GROUP_get_curve_name(grp); - *pcurve_id = tls1_ec_nid2curve_id(id); + curve_nid = EC_GROUP_get_curve_name(grp); + *pcurve_id = tls1_ec_nid2curve_id(curve_nid); /* If no id return error: we don't support arbitrary explicit curves */ if (*pcurve_id == 0) return 0; @@ -482,7 +482,7 @@ static int tls1_set_ec_id(uint16_t *pcurve_id, unsigned char *comp_id, if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_UNCOMPRESSED) { *comp_id = TLSEXT_ECPOINTFORMAT_uncompressed; } else { - if ((nid_list[id - 1].flags & TLS_CURVE_TYPE) == TLS_CURVE_PRIME) + if ((nid_list[*pcurve_id - 1].flags & TLS_CURVE_TYPE) == TLS_CURVE_PRIME) *comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; else *comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; -- 2.25.1