Clean up dangerous strncpy use. This included a use where the resulting

string was potentially not nul terminated and a place where malloc return
was unchecked.
while we're at it remove dummytest.c
ok miod@

18 files changed, 34 insertions, 150 deletions

diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c
index 5a79f72673..2d38837f9e 100644
--- a/src/lib/libcrypto/bio/bss_log.c
+++ b/src/lib/libcrypto/bio/bss_log.c
@@ -160,9 +160,7 @@ slg_write(BIO *b, const char *in, int inl)
         if ((buf = (char *)OPENSSL_malloc(inl + 1)) == NULL) {
                 return (0);
         }
-        strncpy(buf, in, inl);
-        buf[inl] = '\0';
-
+        strlcpy(buf, in, inl + 1);
         i = 0;
         while (strncmp(buf, mapping[i].str, mapping[i].strl) != 0)
                 i++;
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c
index ae9a209ad7..f6f9d2c080 100644
--- a/src/lib/libcrypto/err/err.c
+++ b/src/lib/libcrypto/err/err.c
@@ -603,8 +603,7 @@ static void build_SYS_str_reasons(void)
                         char *src = strerror(i);
                         if (src != NULL)
                                 {
-                                strncpy(*dest, src, sizeof *dest);
-                                (*dest)[sizeof *dest - 1] = '\0';
+                                strlcpy(*dest, src, sizeof *dest);
                                 str->string = *dest;
                                 }
                         }
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index 7961fbebf2..b3cb0638fa 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -72,8 +72,7 @@ void EVP_set_pw_prompt(const char *prompt)
                 prompt_string[0]='\0';
         else
                 {
-                strncpy(prompt_string,prompt,79);
-                prompt_string[79]='\0';
+                strlcpy(prompt_string,prompt,sizeof(prompt_string));
                 }
         }
 
diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c
index a003207428..f241230ef4 100644
--- a/src/lib/libcrypto/ts/ts_rsp_verify.c
+++ b/src/lib/libcrypto/ts/ts_rsp_verify.c
@@ -538,7 +538,6 @@ static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
         int i;
         unsigned int length = 0;
         char *result = NULL;
-        char *p;
 
         /* Determine length first. */
         for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i)
@@ -554,17 +553,14 @@ static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
                 return NULL;
                 }
         /* Concatenate the descriptions. */
-        for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i)
+        result[0] = '\0';
+        for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i)
                 {
                 ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
-                length = ASN1_STRING_length(current);
-                if (i > 0) *p++ = '/';
-                strncpy(p, (const char *)ASN1_STRING_data(current), length);
-                p += length;
+                if (i > 0)
+                        strlcat(result, "/", length);
+                strlcat(result, ASN1_STRING_data(current), length);
                 }
-        /* We do have space for this, too. */
-        *p = '\0';
-        
         return result;
         }
 
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
index b5512895a1..ccf2f6e0bf 100644
--- a/src/lib/libcrypto/x509/by_dir.c
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -246,13 +246,11 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type)
                                 return 0;
                         ent->dir_type = type;
                         ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
-                        ent->dir = OPENSSL_malloc((unsigned int)len + 1);
+                        ent->dir = strdup(ss);
                         if (!ent->dir || !ent->hashes) {
                                 by_dir_entry_free(ent);
                                 return 0;
                         }
-                        strncpy(ent->dir, ss,(unsigned int)len);
-                        ent->dir[len] = '\0';
                         if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
                                 by_dir_entry_free(ent);
                                 return 0;
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c
index bcc1e7429e..1d3cf547d7 100644
--- a/src/lib/libcrypto/x509/x509_obj.c
+++ b/src/lib/libcrypto/x509/x509_obj.c
@@ -90,8 +90,7 @@ int i;
                 buf=b->data;
                 OPENSSL_free(b);
                 }
-            strncpy(buf,"NO X509_NAME",len);
-            buf[len-1]='\0';
+            strlcpy(buf,"NO X509_NAME",len);
             return buf;
             }
 
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
index 66ea96db51..8de5dd041b 100644
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -579,10 +579,12 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
                 return 0;
         objlen = p - value;
         objtmp = OPENSSL_malloc(objlen + 1);
-        strncpy(objtmp, value, objlen);
-        objtmp[objlen] = 0;
-        gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
-        OPENSSL_free(objtmp);   
+        if (objtmp) {
+                strlcpy(objtmp, value, objlen + 1);
+                gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
+                OPENSSL_free(objtmp);
+        } else
+                gen->d.otherName->type_id = NULL;
         if (!gen->d.otherName->type_id)
                 return 0;
         return 1;
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
index e1b8699f92..44bc3e1105 100644
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ b/src/lib/libcrypto/x509v3/v3_info.c
@@ -165,8 +165,7 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
                         X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
-                strncpy(objtmp, cnf->name, objlen);
-                objtmp[objlen] = 0;
+                strlcpy(objtmp, cnf->name, objlen + 1);
                 acc->method = OBJ_txt2obj(objtmp, 0);
                 if(!acc->method) {
                         X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT);
diff --git a/src/lib/libssl/src/crypto/bio/bss_log.c b/src/lib/libssl/src/crypto/bio/bss_log.c
index 5a79f72673..2d38837f9e 100644
--- a/src/lib/libssl/src/crypto/bio/bss_log.c
+++ b/src/lib/libssl/src/crypto/bio/bss_log.c
@@ -160,9 +160,7 @@ slg_write(BIO *b, const char *in, int inl)
         if ((buf = (char *)OPENSSL_malloc(inl + 1)) == NULL) {
                 return (0);
         }
-        strncpy(buf, in, inl);
-        buf[inl] = '\0';
-
+        strlcpy(buf, in, inl + 1);
         i = 0;
         while (strncmp(buf, mapping[i].str, mapping[i].strl) != 0)
                 i++;
diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c
index ae9a209ad7..f6f9d2c080 100644
--- a/src/lib/libssl/src/crypto/err/err.c
+++ b/src/lib/libssl/src/crypto/err/err.c
@@ -603,8 +603,7 @@ static void build_SYS_str_reasons(void)
                         char *src = strerror(i);
                         if (src != NULL)
                                 {
-                                strncpy(*dest, src, sizeof *dest);
-                                (*dest)[sizeof *dest - 1] = '\0';
+                                strlcpy(*dest, src, sizeof *dest);
                                 str->string = *dest;
                                 }
                         }
diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c
index 7961fbebf2..b3cb0638fa 100644
--- a/src/lib/libssl/src/crypto/evp/evp_key.c
+++ b/src/lib/libssl/src/crypto/evp/evp_key.c
@@ -72,8 +72,7 @@ void EVP_set_pw_prompt(const char *prompt)
                 prompt_string[0]='\0';
         else
                 {
-                strncpy(prompt_string,prompt,79);
-                prompt_string[79]='\0';
+                strlcpy(prompt_string,prompt,sizeof(prompt_string));
                 }
         }
 
diff --git a/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c b/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c
index a003207428..f241230ef4 100644
--- a/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c
+++ b/src/lib/libssl/src/crypto/ts/ts_rsp_verify.c
@@ -538,7 +538,6 @@ static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
         int i;
         unsigned int length = 0;
         char *result = NULL;
-        char *p;
 
         /* Determine length first. */
         for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i)
@@ -554,17 +553,14 @@ static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
                 return NULL;
                 }
         /* Concatenate the descriptions. */
-        for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i)
+        result[0] = '\0';
+        for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i)
                 {
                 ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
-                length = ASN1_STRING_length(current);
-                if (i > 0) *p++ = '/';
-                strncpy(p, (const char *)ASN1_STRING_data(current), length);
-                p += length;
+                if (i > 0)
+                        strlcat(result, "/", length);
+                strlcat(result, ASN1_STRING_data(current), length);
                 }
-        /* We do have space for this, too. */
-        *p = '\0';
-        
         return result;
         }
 
diff --git a/src/lib/libssl/src/crypto/x509/by_dir.c b/src/lib/libssl/src/crypto/x509/by_dir.c
index b5512895a1..ccf2f6e0bf 100644
--- a/src/lib/libssl/src/crypto/x509/by_dir.c
+++ b/src/lib/libssl/src/crypto/x509/by_dir.c
@@ -246,13 +246,11 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type)
                                 return 0;
                         ent->dir_type = type;
                         ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
-                        ent->dir = OPENSSL_malloc((unsigned int)len + 1);
+                        ent->dir = strdup(ss);
                         if (!ent->dir || !ent->hashes) {
                                 by_dir_entry_free(ent);
                                 return 0;
                         }
-                        strncpy(ent->dir, ss,(unsigned int)len);
-                        ent->dir[len] = '\0';
                         if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
                                 by_dir_entry_free(ent);
                                 return 0;
diff --git a/src/lib/libssl/src/crypto/x509/x509_obj.c b/src/lib/libssl/src/crypto/x509/x509_obj.c
index bcc1e7429e..1d3cf547d7 100644
--- a/src/lib/libssl/src/crypto/x509/x509_obj.c
+++ b/src/lib/libssl/src/crypto/x509/x509_obj.c
@@ -90,8 +90,7 @@ int i;
                 buf=b->data;
                 OPENSSL_free(b);
                 }
-            strncpy(buf,"NO X509_NAME",len);
-            buf[len-1]='\0';
+            strlcpy(buf,"NO X509_NAME",len);
             return buf;
             }
 
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_alt.c b/src/lib/libssl/src/crypto/x509v3/v3_alt.c
index 66ea96db51..8de5dd041b 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_alt.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_alt.c
@@ -579,10 +579,12 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
                 return 0;
         objlen = p - value;
         objtmp = OPENSSL_malloc(objlen + 1);
-        strncpy(objtmp, value, objlen);
-        objtmp[objlen] = 0;
-        gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
-        OPENSSL_free(objtmp);   
+        if (objtmp) {
+                strlcpy(objtmp, value, objlen + 1);
+                gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
+                OPENSSL_free(objtmp);
+        } else
+                gen->d.otherName->type_id = NULL;
         if (!gen->d.otherName->type_id)
                 return 0;
         return 1;
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c
index e1b8699f92..44bc3e1105 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_info.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c
@@ -165,8 +165,7 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho
                         X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE);
                         goto err;
                 }
-                strncpy(objtmp, cnf->name, objlen);
-                objtmp[objlen] = 0;
+                strlcpy(objtmp, cnf->name, objlen + 1);
                 acc->method = OBJ_txt2obj(objtmp, 0);
                 if(!acc->method) {
                         X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT);
diff --git a/src/lib/libssl/src/test/dummytest.c b/src/lib/libssl/src/test/dummytest.c
deleted file mode 100644
index 5b4467e042..0000000000
--- a/src/lib/libssl/src/test/dummytest.c
+++ /dev/null
@@ -1,48 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/crypto.h>
-
-int main(int argc, char *argv[])
-        {
-        char *p, *q = 0, *program;
-
-        p = strrchr(argv[0], '/');
-        if (!p) p = strrchr(argv[0], '\\');
-#ifdef OPENSSL_SYS_VMS
-        if (!p) p = strrchr(argv[0], ']');
-        if (p) q = strrchr(p, '>');
-        if (q) p = q;
-        if (!p) p = strrchr(argv[0], ':');
-        q = 0;
-#endif
-        if (p) p++;
-        if (!p) p = argv[0];
-        if (p) q = strchr(p, '.');
-        if (p && !q) q = p + strlen(p);
-
-        if (!p)
-                program = BUF_strdup("(unknown)");
-        else
-                {
-                program = OPENSSL_malloc((q - p) + 1);
-                strncpy(program, p, q - p);
-                program[q - p] = '\0';
-                }
-
-        for(p = program; *p; p++)
-                if (islower((unsigned char)(*p)))
-                        *p = toupper((unsigned char)(*p));
-
-        q = strstr(program, "TEST");
-        if (q > p && q[-1] == '_') q--;
-        *q = '\0';
-
-        printf("No %s support\n", program);
-
-        OPENSSL_free(program);
-        return(0);
-        }
diff --git a/src/lib/libssl/test/dummytest.c b/src/lib/libssl/test/dummytest.c
deleted file mode 100644
index 5b4467e042..0000000000
--- a/src/lib/libssl/test/dummytest.c
+++ /dev/null
@@ -1,48 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/crypto.h>
-
-int main(int argc, char *argv[])
-        {
-        char *p, *q = 0, *program;
-
-        p = strrchr(argv[0], '/');
-        if (!p) p = strrchr(argv[0], '\\');
-#ifdef OPENSSL_SYS_VMS
-        if (!p) p = strrchr(argv[0], ']');
-        if (p) q = strrchr(p, '>');
-        if (q) p = q;
-        if (!p) p = strrchr(argv[0], ':');
-        q = 0;
-#endif
-        if (p) p++;
-        if (!p) p = argv[0];
-        if (p) q = strchr(p, '.');
-        if (p && !q) q = p + strlen(p);
-
-        if (!p)
-                program = BUF_strdup("(unknown)");
-        else
-                {
-                program = OPENSSL_malloc((q - p) + 1);
-                strncpy(program, p, q - p);
-                program[q - p] = '\0';
-                }
-
-        for(p = program; *p; p++)
-                if (islower((unsigned char)(*p)))
-                        *p = toupper((unsigned char)(*p));
-
-        q = strstr(program, "TEST");
-        if (q > p && q[-1] == '_') q--;
-        *q = '\0';
-
-        printf("No %s support\n", program);
-
-        OPENSSL_free(program);
-        return(0);
-        }