[openssl-commits] [openssl] master update

Fri Feb 12 19:03:14 UTC 2016

The branch master has been updated
       via  6faffd0ad23801dc540d3865bfd5bbb92e40c791 (commit)
      from  c680f77fb181483d6d6ceee8c60eac6e568898c0 (commit)


- Log -----------------------------------------------------------------
commit 6faffd0ad23801dc540d3865bfd5bbb92e40c791
Author: Richard Levitte <levitte at openssl.org>
Date:   Fri Feb 12 19:44:55 2016 +0100

    Better workaround for VMS getnameinfo() bug
    
    The actual bug with current getnameinfo() on VMS is not that it puts
    gibberish in the service buffer, but that it doesn't touch it at all.
    The gibberish we dealt with before was simply stuff that happened to
    be on the stack.
    
    It's better to initialise the service buffer properly (with the empty
    string) and check if it's still an empty string after the
    getnameinfo() call, and fill it with the direct numerical translation
    of the raw port if that's the case.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/bio/b_addr.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
index 459443b..20ef8ec 100644
--- a/crypto/bio/b_addr.c
+++ b/crypto/bio/b_addr.c
@@ -229,7 +229,7 @@ static int addr_strings(const BIO_ADDR *ap, int numeric,
     if (1) {
 #ifdef AI_PASSIVE
         int ret = 0;
-        char host[NI_MAXHOST], serv[NI_MAXSERV];
+        char host[NI_MAXHOST] = "", serv[NI_MAXSERV] = "";
         int flags = 0;
 
         if (numeric)
@@ -252,11 +252,13 @@ static int addr_strings(const BIO_ADDR *ap, int numeric,
             return 0;
         }
 
-        /* VMS getnameinfo() seems to have a bug, where serv gets filled
-         * with gibberish.  We can at least check for digits when flags
-         * has NI_NUMERICSERV enabled
+        /* VMS getnameinfo() has a bug, it doesn't fill in serv, which
+         * leaves it with whatever garbage that happens to be there.
+         * However, we initialise serv with the empty string (serv[0]
+         * is therefore NUL), so it gets real easy to detect when things
+         * didn't go the way one might expect.
          */
-        if ((flags & NI_NUMERICSERV) != 0 && !isdigit(serv[0])) {
+        if (serv[0] == '\0') {
             BIO_snprintf(serv, sizeof(serv), "%d",
                          ntohs(BIO_ADDR_rawport(ap)));
         }
