mirror of
https://github.com/openssl/openssl.git
synced 2024-11-25 11:03:37 +08:00
Fix ordering of compare functions: strncmp() must be used first, a
the cipher name in the list is not guaranteed to be at least "buflen" long. PR: 567 Submitted by: "Matt Harren" <matth@cs.berkeley.edu>
This commit is contained in:
parent
0b55368306
commit
f65a75786b
@ -715,13 +715,14 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
|
||||
* So additionally check whether the cipher name found
|
||||
* has the correct length. We can save a strlen() call:
|
||||
* just checking for the '\0' at the right place is
|
||||
* sufficient, we have to strncmp() anyway.
|
||||
* sufficient, we have to strncmp() anyway. (We cannot
|
||||
* use strcmp(), because buf is not '\0' terminated.)
|
||||
*/
|
||||
j = found = 0;
|
||||
while (ca_list[j])
|
||||
{
|
||||
if ((ca_list[j]->name[buflen] == '\0') &&
|
||||
!strncmp(buf, ca_list[j]->name, buflen))
|
||||
if (!strncmp(buf, ca_list[j]->name, buflen) &&
|
||||
(ca_list[j]->name[buflen] == '\0'))
|
||||
{
|
||||
found = 1;
|
||||
break;
|
||||
|
Loading…
Reference in New Issue
Block a user