Avoid out-of-bounds write in SSL_get_shared_ciphers

author Günther Noack <gnoack@google.com>

Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)

committer Matt Caswell <matt@openssl.org>

Sun, 11 May 2014 22:55:06 +0000 (23:55 +0100)
author Günther Noack <gnoack@google.com>
Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)
committer Matt Caswell <matt@openssl.org>
Sun, 11 May 2014 22:55:06 +0000 (23:55 +0100)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c

index 0103296aa9075ff5dc1b67b4ade2baa36ecc7bde..0a7e2aad2dc0e444fa86395cb9d30d4d5d4b5a53 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1467,6 +1467,9 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
                 (len < 2))
                 return(NULL);
  
+       if (sk_SSL_CIPHER_num(sk) == 0)
+               return NULL;
+
         p=buf;
         sk=s->session->ciphers;
         for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
author	Günther Noack <gnoack@google.com>
	Thu, 1 May 2014 11:33:11 +0000 (13:33 +0200)
committer	Matt Caswell <matt@openssl.org>
	Sun, 11 May 2014 22:55:06 +0000 (23:55 +0100)