From 4906854293fb97f83a56f97959c95bb02a1861fe Mon Sep 17 00:00:00 2001
From: Aaron Jones <aaronmdjones@gmail.com>
Date: Fri, 19 Aug 2016 20:26:43 +0000
Subject: [PATCH] GNUTLS: Avoid null dereference in constructing ciphersuite

---
 librb/src/gnutls.c | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/librb/src/gnutls.c b/librb/src/gnutls.c
index ba700412..45c77962 100644
--- a/librb/src/gnutls.c
+++ b/librb/src/gnutls.c
@@ -754,11 +754,26 @@ rb_ssl_get_cipher(rb_fde_t *F)
 {
 	static char buf[1024];
 
-	snprintf(buf, sizeof(buf), "%s-%s-%s-%s",
-		gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F))),
-		gnutls_kx_get_name(gnutls_kx_get(SSL_P(F))),
-		gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F))),
-		gnutls_mac_get_name(gnutls_mac_get(SSL_P(F))));
+	const char* proto_name =
+	    gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F)));
+
+	const char* kex_alg_name =
+	    gnutls_kx_get_name(gnutls_kx_get(SSL_P(F)));
+
+	const char* cipher_alg_name =
+	    gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F)));
+
+	const char* mac_alg_name =
+	    gnutls_mac_get_name(gnutls_mac_get(SSL_P(F)));
+
+	(void) snprintf(buf, sizeof buf, "%s%s%s%s%s%s%s",
+	                proto_name ? proto_name : "",
+	                proto_name ? ", " : "",
+	                kex_alg_name ? kex_alg_name : "",
+	                kex_alg_name ? "-" : "",
+	                cipher_alg_name ? cipher_alg_name : "",
+	                cipher_alg_name ? "-" : "",
+	                mac_alg_name ? mac_alg_name : "");
 
 	return buf;
 }