From 9ae692347a234e6733cfcda5ecaaa6d4308eb627 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Tue, 19 Mar 2019 16:56:04 +0000
Subject: Avoid an internal 2 byte overread in ssl_sigalgs().

Found by oss-fuzz, fixes issue #13797.

ok beck@ tb@
---
 src/lib/libssl/ssl_sigalgs.c | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index fdea93e1b0..3a7f6d6687 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.16 2019/01/24 00:07:58 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.17 2019/03/19 16:56:04 jsing Exp $ */
 /*
  * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
  *
@@ -209,16 +209,11 @@ ssl_sigalg_lookup(uint16_t sigalg)
 const struct ssl_sigalg *
 ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len)
 {
-	const struct ssl_sigalg *sap;
 	int i;
 
 	for (i = 0; i < len; i++) {
 		if (values[i] == sigalg)
-			break;
-	}
-	if (values[i] == sigalg) {
-		if ((sap = ssl_sigalg_lookup(sigalg)) != NULL)
-			return sap;
+			return ssl_sigalg_lookup(sigalg);
 	}
 
 	return NULL;
-- 
cgit v1.2.3-55-g6feb