--- openssl-0.9.7g/ssl/ssl_lib.c.cve-2006-3738 2005-03-23 01:21:30.000000000 -0700
+++ openssl-0.9.7g/ssl/ssl_lib.c 2006-09-26 14:32:41.000000000 -0600
@@ -1167,7 +1167,7 @@ char *SSL_get_shared_ciphers(const SSL *
 c=sk_SSL_CIPHER_value(sk,i);
 for (cp=c->name; *cp; )
 {
- if (len-- == 0)
+ if (len-- <= 0)
 {
 *p='\0';
 return(buf);
--- openssl-0.9.7g/ssl/s3_srvr.c.cve-2006-3738 2006-09-26 14:33:51.000000000 -0600
+++ openssl-0.9.7g/ssl/s3_srvr.c 2006-09-26 14:35:36.000000000 -0600
@@ -1727,7 +1727,7 @@ static int ssl3_get_client_key_exchange(
 if (kssl_ctx->client_princ)
 {
- int len = strlen(kssl_ctx->client_princ);
+ size_t len = strlen(kssl_ctx->client_princ);
 if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH )
 {
 s->session->krb5_client_princ_len = len;
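Review bot: In the ssl_lib.c hunk (SSL_get_shared_ciphers), the widened guard `if (len-- <= 0)` still ends in `*p='\0'`, and nothing visible ties `p` to the end of `buf` at that point. `len` is a signed counter that tracks `p` only by convention, so if code outside the hunk advances `p` after the budget has reached zero (a separator written after the inner loop would do it, but that is not visible here), the terminator lands one byte past the buffer. I would check the room for a whole cipher name before copying it, along the lines of `n=strlen(c->name); if (n+1 > len)` followed by terminating at the last byte actually written and returning, so the bound is tested once per name instead of per character. The function body starts and ends outside the hunk, so the separator write and the final terminator need the same look.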
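Review bot: In the s3_srvr.c hunk (ssl3_get_client_key_exchange), `s->session->krb5_client_princ_len = len;` now narrows a `size_t` implicitly, and nothing on the line says why that is safe. The field's type is declared outside the hunk; the store stays in range only because of the `len < SSL_MAX_KRB5_PRINCIPAL_LENGTH` test directly above it. I would put a comment on the declaration, for example `/* size_t: a strlen() result above INT_MAX must not turn negative and slip past the bound check below */`, and make the narrowing explicit with a cast to the field's type. The enclosing block continues past the end of the hunk, so any later use of `len` as a copy size should be read with the new unsigned type in mind.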