From 88e3cf0a1024f4afaf8e44553526eb326db102bc Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Mon, 29 Oct 2018 16:27:43 +0100
Subject: test/evp_test.c: Fixed strcmp() fault in mac_test_init()

When wanting to compare the end of a string with another string, make
sure not to start somewhere before the start of the first string.

[extended tests]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7520)
---
 test/evp_test.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'test')

diff --git a/test/evp_test.c b/test/evp_test.c
index 311814b1bd..25b10d3314 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -863,7 +863,8 @@ static int mac_test_init(EVP_TEST *t, const char *alg)
         size_t sz = strlen(alg);
         static const char epilogue[] = " by EVP_PKEY";
 
-        if (strcmp(alg + sz - (sizeof(epilogue) - 1), epilogue) == 0)
+        if (sz >= sizeof(epilogue)
+            && strcmp(alg + sz - (sizeof(epilogue) - 1), epilogue) == 0)
             sz -= sizeof(epilogue) - 1;
 
         if (strncmp(alg, "HMAC", sz) == 0) {
-- 
cgit v1.2.3