jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

OpenSSL: Reject empty cipher list in tls_connection_set_cipher_list()

Browse source 
Previously, this invalid call would have resulted in printing out a
string from uninitialized memory

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2017-02-11 15:56:47 +02:00
parent 3af37ece19
commit 063d28ec83
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/crypto/tls_openssl.c
View file

@ -4437,6 +4437,10 @@ int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn,
c++; c++;
} }
if (!buf[0]) {
wpa_printf(MSG_DEBUG, "OpenSSL: No ciphers listed");
return -1;
}
wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1); wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1);