Module Name:    src
Committed By:   christos
Date:           Thu Oct 27 16:20:23 UTC 2022

Modified Files:
        src/crypto/external/bsd/openssl/dist/ssl: ssl_ciph.c

Log Message:
merge upstream commit 9b3219ba544db82cdad3058b9872058739559944:

If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer.  This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop.  It is safest to just return
early in this case since the condition occurs inside a nested loop.


To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 \
    src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c
diff -u src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c:1.21 src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c:1.22
--- src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c:1.21	Fri Jan  7 10:50:11 2022
+++ src/crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c	Thu Oct 27 12:20:23 2022
@@ -1026,9 +1026,7 @@ static int ssl_cipher_process_rulestr(co
                  * alphanumeric, so we call this an error.
                  */
                 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND);
-                retval = found = 0;
-                l++;
-                break;
+		return 0;
             }
 
             if (rule == CIPHER_SPECIAL) {
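
Review bot: The added "return 0;" line is indented with tabs, while the SSLerr() call directly above it and the rest of this block use spaces; re-indent it to match so the file does not drift from upstream's whitespace and later merges stay clean. The early return also replaces the "retval = found = 0; l++; break;" sequence without any comment in the code. A short comment at the return, saying that "l" may already be at the end of the rule string here and must not be advanced, would keep the reason for not using "break" visible to someone reading only the source.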
