Fix off-by-one errors in ssl_cipher_get_evp()
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays. PR#3375 (Imported from upstream's 3d86077427f93dc46b18fee706b567ec32ac232a)
This commit is contained in:
parent
006779a02c
commit
4c65f3a2f1
@ -469,7 +469,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((i < 0) || (i > SSL_ENC_NUM_IDX))
|
if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
|
||||||
*enc=NULL;
|
*enc=NULL;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -503,7 +503,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
|
|||||||
i= -1;
|
i= -1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if ((i < 0) || (i > SSL_MD_NUM_IDX))
|
if ((i < 0) || (i >= SSL_MD_NUM_IDX))
|
||||||
{
|
{
|
||||||
*md=NULL;
|
*md=NULL;
|
||||||
if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
|
if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
|
||||||
|
Loading…
Reference in New Issue
Block a user