From 3c599f11b03a5bec57187b92f3dcef9ab15f91b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 10 Mar 2014 13:25:07 +0100 Subject: [PATCH] Avoid possible segfault on bad server ciphersuite --- library/ssl_cli.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4e42c0bb2..b509e376e 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -867,15 +867,15 @@ static int ssl_parse_server_hello( ssl_context *ssl ) * Initialize update checksum functions */ ssl->transform_negotiate->ciphersuite_info = ssl_ciphersuite_from_id( i ); - ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); if( ssl->transform_negotiate->ciphersuite_info == NULL ) { - SSL_DEBUG_MSG( 1, ( "ciphersuite info for %02x not found", - ssl->ciphersuite_list[ssl->minor_ver][i] ) ); + SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); } + ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info ); + SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n );