[openssl/openssl] 315845: Enhance code safety and readability in SSL_get_sha...
noreply at github.com
Mon Sep 18 12:13:41 UTC 2023
Author: Sumitra Sharma <sumitraartsy at gmail.com>
Date: 2023-09-18 (Mon, 18 Sep 2023)
Enhance code safety and readability in SSL_get_shared_ciphers()
This commit introduces two key improvements:
1. Improve code safety by replacing the conditional statement with
`if (n >= size)` and using OPENSSL_strnlen() instead of strlen().
This change ensures proper buffer size handling and adheres to
secure coding practices.
2. Enhance code readability by substituting `strcpy(p, c->name)` with
`memcpy(p, c->name, n)`. This adjustment prioritizes code clarity and
maintenance, even while mitigating a minimal buffer overflow risk.
These enhancements bolster the code's robustness and comprehensibility,
aligning with secure coding principles and best practices.
Signed-off-by: Sumitra Sharma <sumitraartsy at gmail.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21934)
(cherry picked from commit 2743594d73e65c38375c619e89ec62579e2c24a9)
More information about the openssl-commits