[openssl/openssl] 91caaa: ssl_cipher_process_rulestr: don't read outside rul...

Todd C. Miller noreply at github.com
Wed Oct 26 10:51:35 UTC 2022


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 91caaa3ba3e5db40e13ab7321072ea4cfce188e2
      https://github.com/openssl/openssl/commit/91caaa3ba3e5db40e13ab7321072ea4cfce188e2
  Author: Todd C. Miller <Todd.Miller at sudo.ws>
  Date:   2022-10-26 (Wed, 26 Oct 2022)

  Changed paths:
    M ssl/ssl_ciph.c

  Log Message:
  -----------
  ssl_cipher_process_rulestr: don't read outside rule_str buffer

If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer.  This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop.  It is safest to just return
early in this case since the condition occurs inside a nested loop.

CLA: trivial

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19166)

(cherry picked from commit 428511ca66670e169a0e1b12e7540714b0be4cf8)




More information about the openssl-commits mailing list