Skip to content

Commit

Permalink
Fix off-by-one errors in ssl_cipher_get_evp()
Browse files Browse the repository at this point in the history 
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays.

PR#3375
  • Loading branch information
@x64architecture @mattcaswell
x64architecture authored and mattcaswell committed Jun 12, 2014
1 parent 56ba280 commit 3d86077
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions ssl/ssl_ciph.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -563,7 +563,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
break;
}

if ((i < 0) || (i > SSL_ENC_NUM_IDX))
if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
*enc=NULL;
else
{
Expand Down Expand Up @@ -597,7 +597,7 @@ int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
i= -1;
break;
}
if ((i < 0) || (i > SSL_MD_NUM_IDX))
if ((i < 0) || (i >= SSL_MD_NUM_IDX))
{
*md=NULL;
if (mac_pkey_type!=NULL) *mac_pkey_type = NID_undef;
Expand Down

0 comments on commit 3d86077

Please sign in to comment.