Fix uninitialized read in sigalg parsing code The check for a duplicate value was reading one entry past where it was supposed to, getting an uninitialized value. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5172)

commit: c1acef9263b875cc80431b8054049dedc59cd41d [log] [tgz]
author: Benjamin Kaduk <bkaduk@akamai.com> Thu Jan 25 19:30:54 2018 -0600
committer: Benjamin Kaduk <bkaduk@akamai.com> Thu Jan 25 19:40:35 2018 -0600
tree: 63ce553bb3c1f66a0017c050682e2546e1a02e56
parent: 3e524bf2d1748f6757c1f64d63779d4d04f7a859 [diff] [blame]
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d4c9086..7109741 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -1781,7 +1781,7 @@
 
     /* Reject duplicates */
     for (i = 0; i < sarg->sigalgcnt - 1; i++) {
-        if (sarg->sigalgs[i] == sarg->sigalgs[sarg->sigalgcnt]) {
+        if (sarg->sigalgs[i] == sarg->sigalgs[sarg->sigalgcnt - 1]) {
             sarg->sigalgcnt--;
             return 0;
         }
commit	c1acef9263b875cc80431b8054049dedc59cd41d	[log] [tgz]
author	Benjamin Kaduk <bkaduk@akamai.com>	Thu Jan 25 19:30:54 2018 -0600
committer	Benjamin Kaduk <bkaduk@akamai.com>	Thu Jan 25 19:40:35 2018 -0600
tree	63ce553bb3c1f66a0017c050682e2546e1a02e56
parent	3e524bf2d1748f6757c1f64d63779d4d04f7a859 [diff] [blame]