Avoid an internal 2 byte overread in ssl_sigalgs().

Found by oss-fuzz, fixes issue #13797. ok beck@ tb@
author: jsing <> 2019-03-19 16:56:04 +0000
committer: jsing <> 2019-03-19 16:56:04 +0000
commit: 9ae692347a234e6733cfcda5ecaaa6d4308eb627 (patch)
tree: c7c8d31aaad42ee7c2dfaeca9df96e139d09d847 /src/lib
parent: 962b1b0ed5b16b038f5d40e6fb7016cd60a6eaac (diff)
download: openbsd-9ae692347a234e6733cfcda5ecaaa6d4308eb627.tar.gz
openbsd-9ae692347a234e6733cfcda5ecaaa6d4308eb627.tar.bz2
openbsd-9ae692347a234e6733cfcda5ecaaa6d4308eb627.zip
1 files changed, 2 insertions, 7 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index fdea93e1b0..3a7f6d6687 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.16 2019/01/24 00:07:58 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.17 2019/03/19 16:56:04 jsing Exp $ */
 /*
 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
 *
@@ -209,16 +209,11 @@ ssl_sigalg_lookup(uint16_t sigalg)
 const struct ssl_sigalg *
 ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len)
 {
-        const struct ssl_sigalg *sap;
        int i;
        for (i = 0; i < len; i++) {
                if (values[i] == sigalg)
-                        break;
+                        return ssl_sigalg_lookup(sigalg);
-        }
-        if (values[i] == sigalg) {
-                if ((sap = ssl_sigalg_lookup(sigalg)) != NULL)
-                        return sap;
        }
        return NULL;
author	jsing <>	2019-03-19 16:56:04 +0000
committer	jsing <>	2019-03-19 16:56:04 +0000
commit	9ae692347a234e6733cfcda5ecaaa6d4308eb627 (patch)
tree	c7c8d31aaad42ee7c2dfaeca9df96e139d09d847 /src/lib
parent	962b1b0ed5b16b038f5d40e6fb7016cd60a6eaac (diff)
download	openbsd-9ae692347a234e6733cfcda5ecaaa6d4308eb627.tar.gz openbsd-9ae692347a234e6733cfcda5ecaaa6d4308eb627.tar.bz2 openbsd-9ae692347a234e6733cfcda5ecaaa6d4308eb627.zip