* ext/openssl/ossl_ssl.c (ssl_npn_select_cb_common): fix parsing

  protocol list.
  The protocol list from OpenSSL is not null-terminated.
  patched by Kazuki Yamaguchi [Bug #11810] [ruby-core:72082]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53064 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 7 insertions, 10 deletions

diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 553eb14252..4075d6f001 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -585,19 +585,16 @@ ssl_npn_select_cb_common(VALUE cb, const unsigned char **out, unsigned char *out
 {
     VALUE selected;
     long len;
-    unsigned char l;
     VALUE protocols = rb_ary_new();
+    unsigned char l;
+    const unsigned char *in_end = in + inlen;
 
-    /* The format is len_1|proto_1|...|len_n|proto_n\0 */
-    while ((l = *in++) != '\0') {
-	VALUE protocol;
-	if (l > inlen) {
-	    ossl_raise(eSSLError, "Invalid protocol name list");
-	}
-	protocol = rb_str_new((const char *)in, l);
-	rb_ary_push(protocols, protocol);
+    /* assume OpenSSL verifies this format */
+    /* The format is len_1|proto_1|...|len_n|proto_n */
+    while (in < in_end) {
+	l = *in++;
+	rb_ary_push(protocols, rb_str_new((const char *)in, l));
 	in += l;
-	inlen -= l;
     }
 
     selected = rb_funcall(cb, rb_intern("call"), 1, protocols);