From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Thu, 16 Jan 2020 12:55:24 +0000 (+0000)
Subject: [Minor] Check string length to avoid OOB reading
X-Git-Tag: 2.3~99
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=7e0bf487c39571d8fd228a2802f544ac11faa481;p=rspamd.git

[Minor] Check string length to avoid OOB reading
---

diff --git a/src/libutil/ssl_util.c b/src/libutil/ssl_util.c
index f2898d592..c43ace454 100644
--- a/src/libutil/ssl_util.c
+++ b/src/libutil/ssl_util.c
@@ -401,7 +401,7 @@ rspamd_tls_set_error (gint retcode, const gchar *stage, GError **err)
 
 		err_code = last_err;
 
-		if (reason->str[reason->len - 1] == ',') {
+		if (reason->len > 0 && reason->str[reason->len - 1] == ',') {
 			reason->str[reason->len - 1] = '\0';
 			reason->len --;
 		}