From b8ae64e7e0f4c2d67535f93596df1c7a715447e9 Mon Sep 17 00:00:00 2001
From: Aaron Jones <aaronmdjones@gmail.com>
Date: Fri, 19 Aug 2016 20:29:49 +0000
Subject: [PATCH] GNUTLS: Avoid null dereference in constructing ciphersuite

---
 rb/gnutls.c | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/rb/gnutls.c b/rb/gnutls.c
index d29007701..e8bd8f0df 100644
--- a/rb/gnutls.c
+++ b/rb/gnutls.c
@@ -752,11 +752,26 @@ rb_ssl_get_cipher(rb_fde_t *F)
 {
 	static char buf[1024];
 
-	snprintf(buf, sizeof(buf), "%s-%s-%s-%s",
-		gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F))),
-		gnutls_kx_get_name(gnutls_kx_get(SSL_P(F))),
-		gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F))),
-		gnutls_mac_get_name(gnutls_mac_get(SSL_P(F))));
+	const char* proto_name =
+	    gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F)));
+
+	const char* kex_alg_name =
+	    gnutls_kx_get_name(gnutls_kx_get(SSL_P(F)));
+
+	const char* cipher_alg_name =
+	    gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F)));
+
+	const char* mac_alg_name =
+	    gnutls_mac_get_name(gnutls_mac_get(SSL_P(F)));
+
+	(void) snprintf(buf, sizeof buf, "%s%s%s%s%s%s%s",
+	                proto_name ? proto_name : "",
+	                proto_name ? ", " : "",
+	                kex_alg_name ? kex_alg_name : "",
+	                kex_alg_name ? "-" : "",
+	                cipher_alg_name ? cipher_alg_name : "",
+	                cipher_alg_name ? "-" : "",
+	                mac_alg_name ? mac_alg_name : "");
 
 	return buf;
 }