diff options
author | Miod Vallat <miod@openbsd.org> | 2014-06-12 21:25:07 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2014-06-22 23:26:33 +0100 |
commit | b09db677d54800c236c9b4a5f3a877026ab876f7 (patch) | |
tree | 4b7a6b668d1b1a341770609df5da4d051dd19a1f /ssl/ssl_ciph.c | |
parent | cdc596567d61fb844a6e87b58c64aaf9fa0a4a2b (diff) |
Fix off-by-one errors in ssl_cipher_get_evp()
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays.
Bug discovered and fixed by Miod Vallat from the OpenBSD team.
PR#3375
Diffstat (limited to 'ssl/ssl_ciph.c')
-rw-r--r-- | ssl/ssl_ciph.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index a54c06ffb7..c16ba15188 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -390,7 +390,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, break; } - if ((i < 0) || (i > SSL_ENC_NUM_IDX)) + if ((i < 0) || (i >= SSL_ENC_NUM_IDX)) *enc=NULL; else { @@ -412,7 +412,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, i= -1; break; } - if ((i < 0) || (i > SSL_MD_NUM_IDX)) + if ((i < 0) || (i >= SSL_MD_NUM_IDX)) *md=NULL; else *md=ssl_digest_methods[i]; |