git.openssl.org Git - openssl.git/commit

author	Todd C. Miller <Todd.Miller@sudo.ws>
	Mon, 24 Oct 2022 14:00:48 +0000 (08:00 -0600)
committer	Tomas Mraz <tomas@openssl.org>
	Wed, 26 Oct 2022 10:46:53 +0000 (12:46 +0200)
commit	428511ca66670e169a0e1b12e7540714b0be4cf8
tree	d816851c0dbc5ffc91b9493b8a9a7f441cb3b224	tree \| snapshot
parent	e251e7ba1ce85d11f3c342b3ae1326a35b7d0b4a	commit \| diff

ssl_cipher_process_rulestr: don't read outside rule_str buffer

If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer. This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop. It is safest to just return
early in this case since the condition occurs inside a nested loop.

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19166)

ssl/ssl_ciph.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom