[openssl-commits] [openssl] master update
paul.dale at oracle.com
paul.dale at oracle.com
Sun Jul 9 23:14:57 UTC 2017
The branch master has been updated
via a2371fa93365cc0bc0e46b9d65f3a47a074b1c30 (commit)
from a7ff57965b81ce4fd73a18266ce29abf6b909fdb (commit)
- Log -----------------------------------------------------------------
commit a2371fa93365cc0bc0e46b9d65f3a47a074b1c30
Author: Pauli <paul.dale at oracle.com>
Date: Thu Jul 6 14:56:20 2017 +1000
Trivial bounds checking.
Bounds checking strpy, strcat and sprintf.
These are the remaining easy ones to cover a recently removed commit.
Some are trivial, some have been modified and a couple left as they are because the reverted change didn't bounds check properly.
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3871)
-----------------------------------------------------------------------
Summary of changes:
crypto/conf/conf_def.c | 27 ++++++------
crypto/conf/conf_mod.c | 15 +++----
crypto/des/ecb_enc.c | 13 +++---
crypto/evp/evp_pbe.c | 6 +--
crypto/objects/obj_dat.c | 112 +++++++++++++++++++++++------------------------
crypto/rand/rand_egd.c | 16 +++----
crypto/x509/by_dir.c | 4 +-
crypto/x509v3/v3_alt.c | 7 +--
crypto/x509v3/v3_info.c | 7 +--
9 files changed, 100 insertions(+), 107 deletions(-)
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 78acdec..65eca65 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -317,13 +317,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
}
if (psection == NULL)
psection = section;
- v->name = OPENSSL_malloc(strlen(pname) + 1);
+ v->name = OPENSSL_strdup(pname);
v->value = NULL;
if (v->name == NULL) {
CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
- strcpy(v->name, pname);
if (!str_copy(conf, psection, &(v->value), start))
goto err;
@@ -347,13 +346,13 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
}
BUF_MEM_free(buff);
OPENSSL_free(section);
- return (1);
+ return 1;
err:
BUF_MEM_free(buff);
OPENSSL_free(section);
if (line != NULL)
*line = eline;
- sprintf(btmp, "%ld", eline);
+ BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
ERR_add_error_data(2, "line ", btmp);
if (h != conf->data) {
CONF_free(conf->data);
@@ -364,7 +363,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
OPENSSL_free(v->value);
OPENSSL_free(v);
}
- return (0);
+ return 0;
}
static void clear_comments(CONF *conf, char *p)
@@ -411,7 +410,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
BUF_MEM *buf;
if ((buf = BUF_MEM_new()) == NULL)
- return (0);
+ return 0;
len = strlen(from) + 1;
if (!BUF_MEM_grow(buf, len))
@@ -551,17 +550,17 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
OPENSSL_free(*pto);
*pto = buf->data;
OPENSSL_free(buf);
- return (1);
+ return 1;
err:
BUF_MEM_free(buf);
- return (0);
+ return 0;
}
static char *eat_ws(CONF *conf, char *p)
{
while (IS_WS(conf, *p) && (!IS_EOF(conf, *p)))
p++;
- return (p);
+ return p;
}
static char *eat_alpha_numeric(CONF *conf, char *p)
@@ -572,7 +571,7 @@ static char *eat_alpha_numeric(CONF *conf, char *p)
continue;
}
if (!IS_ALPHA_NUMERIC_PUNCT(conf, *p))
- return (p);
+ return p;
p++;
}
}
@@ -586,13 +585,13 @@ static char *scan_quote(CONF *conf, char *p)
if (IS_ESC(conf, *p)) {
p++;
if (IS_EOF(conf, *p))
- return (p);
+ return p;
}
p++;
}
if (*p == q)
p++;
- return (p);
+ return p;
}
static char *scan_dquote(CONF *conf, char *p)
@@ -612,7 +611,7 @@ static char *scan_dquote(CONF *conf, char *p)
}
if (*p == q)
p++;
- return (p);
+ return p;
}
static void dump_value_doall_arg(const CONF_VALUE *a, BIO *out)
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 33a9698..932c69d 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -170,8 +170,9 @@ static int module_run(const CONF *cnf, const char *name, const char *value,
if (ret <= 0) {
if (!(flags & CONF_MFLAGS_SILENT)) {
char rcode[DECIMAL_SIZE(ret) + 1];
+
CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
- sprintf(rcode, "%-8d", ret);
+ BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret);
ERR_add_error_data(6, "module=", name, ", value=", value,
", retcode=", rcode);
}
@@ -475,7 +476,7 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
char *CONF_get1_default_config_file(void)
{
- char *file;
+ char *file, *sep = "";
int len;
file = getenv("OPENSSL_CONF");
@@ -485,6 +486,7 @@ char *CONF_get1_default_config_file(void)
len = strlen(X509_get_default_cert_area());
#ifndef OPENSSL_SYS_VMS
len++;
+ sep = "/";
#endif
len += strlen(OPENSSL_CONF);
@@ -492,11 +494,8 @@ char *CONF_get1_default_config_file(void)
if (file == NULL)
return NULL;
- strcpy(file, X509_get_default_cert_area());
-#ifndef OPENSSL_SYS_VMS
- strcat(file, "/");
-#endif
- strcat(file, OPENSSL_CONF);
+ BIO_snprintf(file, len + 1, "%s%s%s", X509_get_default_cert_area(),
+ sep, OPENSSL_CONF);
return file;
}
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
index 0b292a2..5ed079d 100644
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -15,19 +15,16 @@
const char *DES_options(void)
{
static int init = 1;
- static char buf[32];
+ static char buf[12];
if (init) {
- const char *size;
-
if (sizeof(DES_LONG) != sizeof(long))
- size = "int";
+ OPENSSL_strlcpy(buf, "des(int)", sizeof(buf));
else
- size = "long";
- sprintf(buf, "des(%s)", size);
+ OPENSSL_strlcpy(buf, "des(long)", sizeof(buf));
init = 0;
}
- return (buf);
+ return buf;
}
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 354532d..ebc74af 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -90,9 +90,9 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
if (!pbe_obj)
- strcpy(obj_tmp, "NULL");
+ OPENSSL_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp));
else
- i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
+ i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj);
ERR_add_error_data(2, "TYPE=", obj_tmp);
return 0;
}
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 72919ce..4de346b 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -40,14 +40,14 @@ static LHASH_OF(ADDED_OBJ) *added = NULL;
static int sn_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
{
- return (strcmp((*a)->sn, nid_objs[*b].sn));
+ return strcmp((*a)->sn, nid_objs[*b].sn);
}
IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
static int ln_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
{
- return (strcmp((*a)->ln, nid_objs[*b].ln));
+ return strcmp((*a)->ln, nid_objs[*b].ln);
}
IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
@@ -82,7 +82,7 @@ static unsigned long added_obj_hash(const ADDED_OBJ *ca)
}
ret &= 0x3fffffffL;
ret |= ((unsigned long)ca->type) << 30L;
- return (ret);
+ return ret;
}
static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
@@ -92,31 +92,31 @@ static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
i = ca->type - cb->type;
if (i)
- return (i);
+ return i;
a = ca->obj;
b = cb->obj;
switch (ca->type) {
case ADDED_DATA:
i = (a->length - b->length);
if (i)
- return (i);
- return (memcmp(a->data, b->data, (size_t)a->length));
+ return i;
+ return memcmp(a->data, b->data, (size_t)a->length);
case ADDED_SNAME:
if (a->sn == NULL)
- return (-1);
+ return -1;
else if (b->sn == NULL)
- return (1);
+ return 1;
else
- return (strcmp(a->sn, b->sn));
+ return strcmp(a->sn, b->sn);
case ADDED_LNAME:
if (a->ln == NULL)
- return (-1);
+ return -1;
else if (b->ln == NULL)
- return (1);
+ return 1;
else
- return (strcmp(a->ln, b->ln));
+ return strcmp(a->ln, b->ln);
case ADDED_NID:
- return (a->nid - b->nid);
+ return a->nid - b->nid;
default:
/* abort(); */
return 0;
@@ -126,9 +126,9 @@ static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
static int init_added(void)
{
if (added != NULL)
- return (1);
+ return 1;
added = lh_ADDED_OBJ_new(added_obj_hash, added_obj_cmp);
- return (added != NULL);
+ return added != NULL;
}
static void cleanup1_doall(ADDED_OBJ *a)
@@ -168,7 +168,7 @@ int OBJ_new_nid(int num)
i = new_nid;
new_nid += num;
- return (i);
+ return i;
}
int OBJ_add_object(const ASN1_OBJECT *obj)
@@ -179,7 +179,7 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
if (added == NULL)
if (!init_added())
- return (0);
+ return 0;
if ((o = OBJ_dup(obj)) == NULL)
goto err;
if ((ao[ADDED_NID] = OPENSSL_malloc(sizeof(*ao[0]))) == NULL)
@@ -207,14 +207,14 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
ASN1_OBJECT_FLAG_DYNAMIC_DATA);
- return (o->nid);
+ return o->nid;
err2:
OBJerr(OBJ_F_OBJ_ADD_OBJECT, ERR_R_MALLOC_FAILURE);
err:
for (i = ADDED_DATA; i <= ADDED_NID; i++)
OPENSSL_free(ao[i]);
OPENSSL_free(o);
- return (NID_undef);
+ return NID_undef;
}
ASN1_OBJECT *OBJ_nid2obj(int n)
@@ -225,21 +225,21 @@ ASN1_OBJECT *OBJ_nid2obj(int n)
if ((n >= 0) && (n < NUM_NID)) {
if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
- return (NULL);
+ return NULL;
}
- return ((ASN1_OBJECT *)&(nid_objs[n]));
+ return (ASN1_OBJECT *)&(nid_objs[n]);
} else if (added == NULL)
- return (NULL);
+ return NULL;
else {
ad.type = ADDED_NID;
ad.obj = &ob;
ob.nid = n;
adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
- return (adp->obj);
+ return adp->obj;
else {
OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
- return (NULL);
+ return NULL;
}
}
}
@@ -252,21 +252,21 @@ const char *OBJ_nid2sn(int n)
if ((n >= 0) && (n < NUM_NID)) {
if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID);
- return (NULL);
+ return NULL;
}
- return (nid_objs[n].sn);
+ return nid_objs[n].sn;
} else if (added == NULL)
- return (NULL);
+ return NULL;
else {
ad.type = ADDED_NID;
ad.obj = &ob;
ob.nid = n;
adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
- return (adp->obj->sn);
+ return adp->obj->sn;
else {
OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID);
- return (NULL);
+ return NULL;
}
}
}
@@ -279,21 +279,21 @@ const char *OBJ_nid2ln(int n)
if ((n >= 0) && (n < NUM_NID)) {
if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID);
- return (NULL);
+ return NULL;
}
- return (nid_objs[n].ln);
+ return nid_objs[n].ln;
} else if (added == NULL)
- return (NULL);
+ return NULL;
else {
ad.type = ADDED_NID;
ad.obj = &ob;
ob.nid = n;
adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
- return (adp->obj->ln);
+ return adp->obj->ln;
else {
OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID);
- return (NULL);
+ return NULL;
}
}
}
@@ -306,10 +306,10 @@ static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp)
j = (a->length - b->length);
if (j)
- return (j);
+ return j;
if (a->length == 0)
return 0;
- return (memcmp(a->data, b->data, a->length));
+ return memcmp(a->data, b->data, a->length);
}
IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
@@ -320,9 +320,9 @@ int OBJ_obj2nid(const ASN1_OBJECT *a)
ADDED_OBJ ad, *adp;
if (a == NULL)
- return (NID_undef);
+ return NID_undef;
if (a->nid != 0)
- return (a->nid);
+ return a->nid;
if (a->length == 0)
return NID_undef;
@@ -332,12 +332,12 @@ int OBJ_obj2nid(const ASN1_OBJECT *a)
ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */
adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
- return (adp->obj->nid);
+ return adp->obj->nid;
}
op = OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ);
if (op == NULL)
- return (NID_undef);
- return (nid_objs[*op].nid);
+ return NID_undef;
+ return nid_objs[*op].nid;
}
/*
@@ -404,7 +404,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
buf[0] = '\0';
if ((a == NULL) || (a->data == NULL))
- return (0);
+ return 0;
if (!no_name && (nid = OBJ_obj2nid(a)) != NID_undef) {
const char *s;
@@ -500,7 +500,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
n += i;
OPENSSL_free(bndec);
} else {
- sprintf(tbuf, ".%lu", l);
+ BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
i = strlen(tbuf);
if (buf && (buf_len > 0)) {
OPENSSL_strlcpy(buf, tbuf, buf_len);
@@ -548,12 +548,12 @@ int OBJ_ln2nid(const char *s)
ad.obj = &o;
adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
- return (adp->obj->nid);
+ return adp->obj->nid;
}
op = OBJ_bsearch_ln(&oo, ln_objs, NUM_LN);
if (op == NULL)
- return (NID_undef);
- return (nid_objs[*op].nid);
+ return NID_undef;
+ return nid_objs[*op].nid;
}
int OBJ_sn2nid(const char *s)
@@ -569,12 +569,12 @@ int OBJ_sn2nid(const char *s)
ad.obj = &o;
adp = lh_ADDED_OBJ_retrieve(added, &ad);
if (adp != NULL)
- return (adp->obj->nid);
+ return adp->obj->nid;
}
op = OBJ_bsearch_sn(&oo, sn_objs, NUM_SN);
if (op == NULL)
- return (NID_undef);
- return (nid_objs[*op].nid);
+ return NID_undef;
+ return nid_objs[*op].nid;
}
const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
@@ -593,7 +593,7 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
const char *p = NULL;
if (num == 0)
- return (NULL);
+ return NULL;
l = 0;
h = num;
while (l < h) {
@@ -629,7 +629,7 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
i--;
p = &(base[i * size]);
}
- return (p);
+ return p;
}
int OBJ_create_objects(BIO *in)
@@ -642,10 +642,10 @@ int OBJ_create_objects(BIO *in)
s = o = NULL;
i = BIO_gets(in, buf, 512);
if (i <= 0)
- return (num);
+ return num;
buf[i - 1] = '\0';
if (!isalnum((unsigned char)buf[0]))
- return (num);
+ return num;
o = s = buf;
while (isdigit((unsigned char)*s) || (*s == '.'))
s++;
@@ -671,9 +671,9 @@ int OBJ_create_objects(BIO *in)
} else
s = NULL;
if ((o == NULL) || (*o == '\0'))
- return (num);
+ return num;
if (!OBJ_create(o, s, l))
- return (num);
+ return num;
num++;
}
}
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index 3f812c6..1b091e8 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -56,17 +56,17 @@ NON_EMPTY_TRANSLATION_UNIT
# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
{
- return (-1);
+ return -1;
}
int RAND_egd(const char *path)
{
- return (-1);
+ return -1;
}
int RAND_egd_bytes(const char *path, int bytes)
{
- return (-1);
+ return -1;
}
# else
# include <openssl/opensslconf.h>
@@ -101,12 +101,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
if (strlen(path) >= sizeof(addr.sun_path))
- return (-1);
+ return -1;
strcpy(addr.sun_path, path);
len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd == -1)
- return (-1);
+ return -1;
success = 0;
while (!success) {
if (connect(fd, (struct sockaddr *)&addr, len) == 0)
@@ -223,7 +223,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
err:
if (fd != -1)
close(fd);
- return (ret);
+ return ret;
}
int RAND_egd_bytes(const char *path, int bytes)
@@ -236,12 +236,12 @@ int RAND_egd_bytes(const char *path, int bytes)
if (RAND_status() == 1)
ret = num;
err:
- return (ret);
+ return ret;
}
int RAND_egd(const char *path)
{
- return (RAND_egd_bytes(path, 255));
+ return RAND_egd_bytes(path, 255);
}
# endif
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index b519dc4..201ed12 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -295,8 +295,8 @@ static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
BIO_snprintf(b->data, b->max,
"%s%08lx.%s%d", ent->dir, h, postfix, k);
} else {
- sprintf(b->data,
- "%s%c%08lx.%s%d", ent->dir, c, h, postfix, k);
+ BIO_snprintf(b->data, b->max,
+ "%s%c%08lx.%s%d", ent->dir, c, h, postfix, k);
}
#ifndef OPENSSL_NO_POSIX_IO
# ifdef _WIN32
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 6d4323a..598cffd 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -108,11 +108,12 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
case GEN_IPADD:
p = gen->d.ip->data;
if (gen->d.ip->length == 4)
- sprintf(oline, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+ BIO_snprintf(oline, sizeof(oline), "%d.%d.%d.%d",
+ p[0], p[1], p[2], p[3]);
else if (gen->d.ip->length == 16) {
oline[0] = 0;
for (i = 0; i < 8; i++) {
- sprintf(htmp, "%X", p[0] << 8 | p[1]);
+ BIO_snprintf(htmp, sizeof(htmp), "%X", p[0] << 8 | p[1]);
p += 2;
strcat(oline, htmp);
if (i != 7)
diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c
index 590cbc4..c2c0949 100644
--- a/crypto/x509v3/v3_info.c
+++ b/crypto/x509v3/v3_info.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -82,12 +82,9 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
ntmp = OPENSSL_malloc(nlen);
if (ntmp == NULL)
goto err;
- strcpy(ntmp, objtmp);
- strcat(ntmp, " - ");
- strcat(ntmp, vtmp->name);
+ BIO_snprintf(ntmp, nlen, "%s - %s", objtmp, vtmp->name);
OPENSSL_free(vtmp->name);
vtmp->name = ntmp;
-
}
if (ret == NULL && tret == NULL)
return sk_CONF_VALUE_new_null();
More information about the openssl-commits
mailing list