Fix ordering of compare functions: strncmp() must be used first, a

the cipher name in the list is not guaranteed to be at least "buflen" long. PR: 567 Submitted by: "Matt Harren" <matth@cs.berkeley.edu>
author: Lutz Jänicke <jaenicke@openssl.org> 2003-04-08 06:31:36 +0000
committer: Lutz Jänicke <jaenicke@openssl.org> 2003-04-08 06:31:36 +0000
commit: f65a75786b4eaf633ffab2ccb52f2c0dd51d268d (patch)
tree: 97d5b88005df1c818c358e78cf9e99c745428690 /ssl
parent: 0b553683063250d29c4e5405844b860724fb8009 (diff)
download: openssl-f65a75786b4eaf633ffab2ccb52f2c0dd51d268d.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index d4f86f6ed9..f175dc8756 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -715,13 +715,14 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
 			 * So additionally check whether the cipher name found
 			 * has the correct length. We can save a strlen() call:
 			 * just checking for the '\0' at the right place is
-			 * sufficient, we have to strncmp() anyway.
+			 * sufficient, we have to strncmp() anyway. (We cannot
+			 * use strcmp(), because buf is not '\0' terminated.)
 			 */
 			 j = found = 0;
 			 while (ca_list[j])
 				{
-				if ((ca_list[j]->name[buflen] == '\0') &&
-				    !strncmp(buf, ca_list[j]->name, buflen))
+				if (!strncmp(buf, ca_list[j]->name, buflen) &&
+				    (ca_list[j]->name[buflen] == '\0'))
 					{
 					found = 1;
 					break;
author	Lutz Jänicke <jaenicke@openssl.org>	2003-04-08 06:31:36 +0000
committer	Lutz Jänicke <jaenicke@openssl.org>	2003-04-08 06:31:36 +0000
commit	f65a75786b4eaf633ffab2ccb52f2c0dd51d268d (patch)
tree	97d5b88005df1c818c358e78cf9e99c745428690 /ssl
parent	0b553683063250d29c4e5405844b860724fb8009 (diff)
download	openssl-f65a75786b4eaf633ffab2ccb52f2c0dd51d268d.tar.gz