Avoid out-of-bounds write in SSL_get_shared_ciphers
authorGünther Noack <gnoack@google.com>
Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)
committerMatt Caswell <matt@openssl.org>
Sun, 11 May 2014 22:57:14 +0000 (23:57 +0100)
PR: 3317

ssl/ssl_lib.c

index 6dbc3c1..6e2711a 100644 (file)
@@ -1347,6 +1347,9 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
                (len < 2))
                return(NULL);
 
+       if (sk_SSL_CIPHER_num(sk) == 0)
+               return NULL;
+
        p=buf;
        sk=s->session->ciphers;
        for (i=0; i<sk_SSL_CIPHER_num(sk); i++)