From b8ae64e7e0f4c2d67535f93596df1c7a715447e9 Mon Sep 17 00:00:00 2001 From: Aaron Jones Date: Fri, 19 Aug 2016 20:29:49 +0000 Subject: [PATCH] GNUTLS: Avoid null dereference in constructing ciphersuite --- rb/gnutls.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/rb/gnutls.c b/rb/gnutls.c index d29007701..e8bd8f0df 100644 --- a/rb/gnutls.c +++ b/rb/gnutls.c @@ -752,11 +752,26 @@ rb_ssl_get_cipher(rb_fde_t *F) { static char buf[1024]; - snprintf(buf, sizeof(buf), "%s-%s-%s-%s", - gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F))), - gnutls_kx_get_name(gnutls_kx_get(SSL_P(F))), - gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F))), - gnutls_mac_get_name(gnutls_mac_get(SSL_P(F)))); + const char* proto_name = + gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F))); + + const char* kex_alg_name = + gnutls_kx_get_name(gnutls_kx_get(SSL_P(F))); + + const char* cipher_alg_name = + gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F))); + + const char* mac_alg_name = + gnutls_mac_get_name(gnutls_mac_get(SSL_P(F))); + + (void) snprintf(buf, sizeof buf, "%s%s%s%s%s%s%s", + proto_name ? proto_name : "", + proto_name ? ", " : "", + kex_alg_name ? kex_alg_name : "", + kex_alg_name ? "-" : "", + cipher_alg_name ? cipher_alg_name : "", + cipher_alg_name ? "-" : "", + mac_alg_name ? mac_alg_name : ""); return buf; }