From: Tilman Sauerbeck <tilman@code-monkey.de>
Date: Thu, 28 Dec 2017 12:09:20 +0000 (+0100)
Subject: Avoid use of uninitialized pointer in OpenSSL's SSLi_init().
X-Git-Url: http://git.code-monkey.de/?p=umurmur.git;a=commitdiff_plain;h=d72b5e6870c6210208121e982fee31b114d141ba

Avoid use of uninitialized pointer in OpenSSL's SSLi_init().
---

diff --git a/src/ssli_openssl.c b/src/ssli_openssl.c
index 8ff1bcf..4cc1db9 100644
--- a/src/ssli_openssl.c
+++ b/src/ssli_openssl.c
@@ -215,7 +215,7 @@ void SSLi_init(void)
 	int i, offset = 0, cipherstringlen = 0;
 	STACK_OF(SSL_CIPHER) *cipherlist = NULL, *cipherlist_new = NULL;
 	SSL_CIPHER *cipher;
-	char *cipherstring;
+	char *cipherstring = NULL;
 
 	SSL_library_init();
 	OpenSSL_add_all_algorithms();
@@ -271,7 +271,7 @@ void SSLi_init(void)
 	if (cipherlist_new)
 		sk_SSL_CIPHER_free(cipherlist_new);
 
-	if (strlen(cipherstring) == 0)
+	if (!cipherstring || !*cipherstring)
 		Log_fatal("No suitable ciphers found!");
 
 	if (SSL_CTX_set_cipher_list(context, cipherstring) == 0)