diff options
| author | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-24 19:27:49 +0000 |
|---|---|---|
| committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-24 19:27:49 +0000 |
| commit | bba2129948c1828d263a2db171d48d8b06556b7c (patch) | |
| tree | 0590ff56a627c6c5595853d74ee15e747d19871d /lib | |
| parent | 03da023b809bee0189b07f49e6cc96476b1d5a02 (diff) | |
In ssl_cipher_get_evp(), fix off-by-one in index validation before accessing
arrays.
"kind of scary" deraadt@, ok guenther@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/ssl_ciph.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index 77d8a3c79f3..4ae3312a1a0 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -559,7 +559,7 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, break; } - if ((i < 0) || (i > SSL_ENC_NUM_IDX)) + if ((i < 0) || (i >= SSL_ENC_NUM_IDX)) *enc = NULL; else { if (i == SSL_ENC_NULL_IDX) @@ -591,7 +591,7 @@ ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, i = -1; break; } - if ((i < 0) || (i > SSL_MD_NUM_IDX)) { + if ((i < 0) || (i >= SSL_MD_NUM_IDX)) { *md = NULL; if (mac_pkey_type != NULL) |