Dear OpenSSL developers community,

The attached patch removes two conditions in for() loops that can cause undefined behavior leading to an out-of-bounds read in ssl/s3_srvr.c. However, I don't see any security implication here.

I have discovered them using the -fsanitize=undefined option of LLVM.

Cheers,
Pascal

1841,1843c1841,1847 < for (i=0; r[i] != NULL && i<4; i++) < { < nr[i]=BN_num_bytes(r[i]); --- > for (i=0; i<4; i++) > { > if (r[i] == NULL) { > break; > } > > nr[i]=BN_num_bytes(r[i]); 1850c1854 < } --- > } 1877,1878c1881,1885 < for (i=0; r[i] != NULL && i<4; i++) < { --- > for (i=0; i<4; i++) > { > if (r[i] == NULL) { > break; > } 1890c1897 < } --- > }
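
Review bot: In the 1841 hunk the fault is only the operand order in `r[i] != NULL && i<4`, which reads r[i] before testing the bound, so with four non-NULL entries it reads r[4]. Swapping the operands to `i<4 && r[i] != NULL` lets short-circuit evaluation stop before the read and fixes this in one line without the added if/break block. If the break form is kept, the new `if (r[i] == NULL) {` puts its brace on the same line, while the surrounding `for` keeps `{` on its own line, so please match the existing style.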
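
Review bot: The 1877 hunk repeats the same loop header and the same hard-coded bound `i<4` as the 1841 hunk, so whichever form is chosen should be applied identically in both places. Since the bound is what protects the r[i] read, consider deriving it from the array declaration or a shared named constant rather than repeating the literal 4, so the two loops cannot drift from the array size.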
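
Review bot: The 1850c1854 and 1890c1897 hunks replace `}` with `}`, which looks like a whitespace-only change to the closing brace. Please drop these from the patch, or say why they are needed, so the fix stays limited to the two loop conditions. The patch is also in plain diff format with no file header or context lines; resending it as a unified diff (`diff -u`) against ssl/s3_srvr.c would make it easier to apply and review.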