Fix off-by-one errors in ssl_cipher_get_evp()

In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays. PR#3375 (Imported from upstream's 3d86077427f93dc46b18fee706b567ec32ac232a)
2014-06-20 12:00:00 -07:00 · 2014-06-20 12:00:00 -07:00 · 4c65f3a2f1
commit 4c65f3a2f1
parent 006779a02c
1 changed files with 2 additions and 2 deletions
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@ -469,7 +469,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
 		break;
 		}

-	if ((i < 0) || (i > SSL_ENC_NUM_IDX))
+	if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
 		*enc=NULL;
 	else
 		{
@ -503,7 +503,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
 		i= -1;
 		break;
 		}
-	if ((i < 0) || (i > SSL_MD_NUM_IDX))
+	if ((i < 0) || (i >= SSL_MD_NUM_IDX))
 	{
 		*md=NULL; 
 		if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;