[openssl/openssl] 3efb41: ssl_cipher_process_rulestr: don't read outside rul...

Todd C. Miller Wed, 26 Oct 2022 03:51:50 -0700

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 3efb41c026d7de1442517ba5d49aa60b93c7f124
      
https://github.com/openssl/openssl/commit/3efb41c026d7de1442517ba5d49aa60b93c7f124
  Author: Todd C. Miller <todd.mil...@sudo.ws>
  Date:   2022-10-26 (Wed, 26 Oct 2022)


  Changed paths:
    M ssl/ssl_ciph.c

  Log Message:
  -----------
  ssl_cipher_process_rulestr: don't read outside rule_str buffer

If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer.  This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop.  It is safest to just return
early in this case since the condition occurs inside a nested loop.

CLA: trivial

Reviewed-by: Paul Dale <pa...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19166)

(cherry picked from commit 428511ca66670e169a0e1b12e7540714b0be4cf8)

[openssl/openssl] 3efb41: ssl_cipher_process_rulestr: don't read outside rul...

Reply via email to