git.ipfire.org Git - thirdparty/openssl.git/commit
ssl: guard ciphersuite_cb() against NULL elem from CONF_parse_list
author mat <mateiignat03@gmail.com>
Wed, 29 Apr 2026 06:08:44 +0000 (09:08 +0300)
committer Tomas Mraz <tomas@openssl.foundation>
Tue, 26 May 2026 08:56:32 +0000 (10:56 +0200)
commit dbf949c4b2f403d4b212e045adfe0686755bb229
tree d266ca9978dcb4c9159517cd5fe18adf4ceaa4de
parent e5029e3ed259c34d5cbb3e309c7bd2d31be8f16b
ssl: guard ciphersuite_cb() against NULL elem from CONF_parse_list

CONF_parse_list() invokes its callback with elem=NULL and len=0 for
empty list elements (e.g. consecutive separators like "A::B").
ciphersuite_cb() passed elem directly to memcpy() without checking for
NULL, triggering undefined behaviour on any input containing an empty
ciphersuite token.

Skip empty elements early by returning 1 before any pointer dereference.

Fixes #30919

Reviewed-by: Daniel Kubec <kubec@openssl.foundation>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Tue May 26 08:56:52 2026
(Merged from https://github.com/openssl/openssl/pull/31023)
ssl/ssl_ciph.c
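
The callback contract described in the commit message, as an added example that is not code from this commit or from OpenSSL: a stand-in list parser reports empty elements as elem == NULL and len == 0, and the callback returns 1 for them before anything reaches memcpy(). The names `parse_list`, `names_cb`, `collect_names` and `struct names`, the size limits, and the sample list in `main` are constructed for this illustration.

```c
#include <string.h>

enum { MAX_NAMES = 8, MAX_LEN = 64 };  /* constructed limits for this example */
struct names { char v[MAX_NAMES][MAX_LEN]; int n; };  /* hypothetical */

/* Stand-in for the list parser: same callback contract as described in the
 * commit message, i.e. an empty element arrives as elem == NULL, len == 0. */
static int parse_list(const char *list, int sep,
                      int (*cb)(const char *elem, int len, void *usr), void *arg)
{
    const char *start = list, *p;
    int ret;
    for (;;) {
        p = strchr(start, sep);
        if (p == start || *start == '\0')
            ret = cb(NULL, 0, arg);
        else
            ret = cb(start, p ? (int)(p - start) : (int)strlen(start), arg);
        if (ret <= 0 || p == NULL)
            return ret <= 0 ? ret : 1;
        start = p + 1;
    }
}

/* Guarded callback: return before elem can reach memcpy() as NULL. */
static int names_cb(const char *elem, int len, void *usr)
{
    struct names *out = usr;
    if (elem == NULL || len <= 0)
        return 1;                      /* empty token: skip, keep parsing */
    if (len >= MAX_LEN || out->n >= MAX_NAMES)
        return 0;                      /* oversized token or table full */
    memcpy(out->v[out->n], elem, (size_t)len);
    out->v[out->n++][len] = '\0';
    return 1;
}

/* Returns the number of names stored, or -1 if the list was rejected. */
int collect_names(const char *list, struct names *out)
{
    out->n = 0;
    return parse_list(list, ':', names_cb, out) > 0 ? out->n : -1;
}

int main(void)
{
    struct names out;  /* constructed sample input with an empty token */
    return collect_names("TLS_AES_128_GCM_SHA256::TLS_AES_256_GCM_SHA384", &out) == 2 ? 0 : 1;
}
```

Empty tokens at the start, middle or end of the list are all reported the same way, so the single early return covers each of them.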