Fix uninitialized read in sigalg parsing code The check for a duplicate value was reading one entry past where it was supposed to, getting an uninitialized value. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5172)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index d4c9086..7109741 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c
@@ -1781,7 +1781,7 @@ /* Reject duplicates */ for (i = 0; i < sarg->sigalgcnt - 1; i++) { - if (sarg->sigalgs[i] == sarg->sigalgs[sarg->sigalgcnt]) { + if (sarg->sigalgs[i] == sarg->sigalgs[sarg->sigalgcnt - 1]) { sarg->sigalgcnt--; return 0; }