From 12cbba0d549895d2c743c4517d0a7fe2d6cac2d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Noack?= <gnoack@google.com>
Date: Thu, 1 May 2014 13:33:11 +0200
Subject: Avoid out-of-bounds write in SSL_get_shared_ciphers

PR: 3317
---
 ssl/ssl_lib.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'ssl/ssl_lib.c')

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index cfe40b2fa4..4f2a2715de 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1320,6 +1320,9 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
 		(len < 2))
 		return(NULL);
 
+	if (sk_SSL_CIPHER_num(sk) == 0)
+		return NULL;
+
 	p=buf;
 	sk=s->session->ciphers;
 	for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
-- 
cgit v1.2.3