From 8dc129f8fda9b93b170c2e78d999240cb2898c85 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 18 Dec 2021 23:37:58 +0100
Subject: fixup special handling for the too long case

---
 lib/vtls/nss.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index dbe049449..260ff0b04 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -343,7 +343,11 @@ static SECStatus set_ciphers(struct Curl_easy *data, PRFileDesc *model,
     else
       len = strlen(cipher);
 
-    if(len && (len < MAX_CIPHER_LENGTH)) {
+    if(len > MAX_CIPHER_LENGTH) {
+      failf(data, "Bad cipher list");
+      return SECFailure;
+    }
+    else if(len) {
       memcpy(name, cipher, len);
       name[len] = 0;
 
-- 
cgit v1.2.1