From fbd3e06b64a1d4733eb95fc3ed0e35bb4c3a726e Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Sat, 8 Jul 2017 22:13:24 +0200
Subject: [PATCH] Fix cipher_compare

Unsigned overflow.  Found by Brian Carpenter

Fixes #3889

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3890)

(cherry picked from commit a7ff57965b81ce4fd73a18266ce29abf6b909fdb)
---
 ssl/s3_lib.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index d45a2469b5..9ea02dc074 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2725,7 +2725,9 @@ static int cipher_compare(const void *a, const void *b)
     const SSL_CIPHER *ap = (const SSL_CIPHER *)a;
     const SSL_CIPHER *bp = (const SSL_CIPHER *)b;
 
-    return ap->id - bp->id;
+    if (ap->id == bp->id)
+        return 0;
+    return ap->id < bp->id ? -1 : 1;
 }
 
 void ssl_sort_cipher_list(void)
-- 
2.25.1