Fix ordering of compare functions: strncmp() must be used first, a
authorLutz Jänicke <jaenicke@openssl.org>
Tue, 8 Apr 2003 06:31:36 +0000 (06:31 +0000)
committerLutz Jänicke <jaenicke@openssl.org>
Tue, 8 Apr 2003 06:31:36 +0000 (06:31 +0000)
the cipher name in the list is not guaranteed to be at least "buflen"
long.
PR: 567
Submitted by: "Matt Harren" <matth@cs.berkeley.edu>

ssl/ssl_ciph.c

index d4f86f6..f175dc8 100644 (file)
@@ -715,13 +715,14 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                         * So additionally check whether the cipher name found
                         * has the correct length. We can save a strlen() call:
                         * just checking for the '\0' at the right place is
-                        * sufficient, we have to strncmp() anyway.
+                        * sufficient, we have to strncmp() anyway. (We cannot
+                        * use strcmp(), because buf is not '\0' terminated.)
                         */
                         j = found = 0;
                         while (ca_list[j])
                                {
-                               if ((ca_list[j]->name[buflen] == '\0') &&
-                                   !strncmp(buf, ca_list[j]->name, buflen))
+                               if (!strncmp(buf, ca_list[j]->name, buflen) &&
+                                   (ca_list[j]->name[buflen] == '\0'))
                                        {
                                        found = 1;
                                        break;