diff options
| author | moritz <> | 2007-10-10 19:39:19 +0000 |
|---|---|---|
| committer | moritz <> | 2007-10-10 19:39:19 +0000 |
| commit | bd1e03a2e6753a3548e4e72197b9ca31041d113a (patch) | |
| tree | 7779027f2003745fde027dded0605416cdc67ab9 | |
| parent | 5466c28b1bd5a7699ec46cd69510bdaa7994294e (diff) | |
| download | openbsd-bd1e03a2e6753a3548e4e72197b9ca31041d113a.tar.gz openbsd-bd1e03a2e6753a3548e4e72197b9ca31041d113a.tar.bz2 openbsd-bd1e03a2e6753a3548e4e72197b9ca31041d113a.zip | |
Replace use of strcpy(3) and other pointer goo in
SSL_get_shared_ciphers() with strlcat(3).
ok deraadt@ markus@
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_lib.c | 27 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 27 |
2 files changed, 24 insertions, 30 deletions
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index e9fda28f63..0f4b7a475b 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c | |||
| @@ -1168,36 +1168,33 @@ int SSL_set_cipher_list(SSL *s,const char *str) | |||
| 1168 | /* works well for SSLv2, not so good for SSLv3 */ | 1168 | /* works well for SSLv2, not so good for SSLv3 */ |
| 1169 | char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) | 1169 | char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) |
| 1170 | { | 1170 | { |
| 1171 | char *p; | 1171 | char *end; |
| 1172 | STACK_OF(SSL_CIPHER) *sk; | 1172 | STACK_OF(SSL_CIPHER) *sk; |
| 1173 | SSL_CIPHER *c; | 1173 | SSL_CIPHER *c; |
| 1174 | size_t curlen = 0; | ||
| 1174 | int i; | 1175 | int i; |
| 1175 | 1176 | ||
| 1176 | if ((s->session == NULL) || (s->session->ciphers == NULL) || | 1177 | if ((s->session == NULL) || (s->session->ciphers == NULL) || |
| 1177 | (len < 2)) | 1178 | (len < 2)) |
| 1178 | return(NULL); | 1179 | return(NULL); |
| 1179 | 1180 | ||
| 1180 | p=buf; | ||
| 1181 | sk=s->session->ciphers; | 1181 | sk=s->session->ciphers; |
| 1182 | buf[0] = '\0'; | ||
| 1182 | for (i=0; i<sk_SSL_CIPHER_num(sk); i++) | 1183 | for (i=0; i<sk_SSL_CIPHER_num(sk); i++) |
| 1183 | { | 1184 | { |
| 1184 | int n; | ||
| 1185 | |||
| 1186 | c=sk_SSL_CIPHER_value(sk,i); | 1185 | c=sk_SSL_CIPHER_value(sk,i); |
| 1187 | n=strlen(c->name); | 1186 | end = buf + curlen; |
| 1188 | if (n+1 > len) | 1187 | if (strlcat(buf, c->name, len) >= len || |
| 1188 | (curlen = strlcat(buf, ":", len)) >= len) | ||
| 1189 | { | 1189 | { |
| 1190 | if (p != buf) | 1190 | /* remove truncated cipher from list */ |
| 1191 | --p; | 1191 | *end = '\0'; |
| 1192 | *p='\0'; | 1192 | break; |
| 1193 | return buf; | ||
| 1194 | } | 1193 | } |
| 1195 | strcpy(p,c->name); | ||
| 1196 | p+=n; | ||
| 1197 | *(p++)=':'; | ||
| 1198 | len-=n+1; | ||
| 1199 | } | 1194 | } |
| 1200 | p[-1]='\0'; | 1195 | /* remove trailing colon */ |
| 1196 | if ((end = strrchr(buf, ':')) != NULL) | ||
| 1197 | *end = '\0'; | ||
| 1201 | return(buf); | 1198 | return(buf); |
| 1202 | } | 1199 | } |
| 1203 | 1200 | ||
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index e9fda28f63..0f4b7a475b 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1168,36 +1168,33 @@ int SSL_set_cipher_list(SSL *s,const char *str) | |||
| 1168 | /* works well for SSLv2, not so good for SSLv3 */ | 1168 | /* works well for SSLv2, not so good for SSLv3 */ |
| 1169 | char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) | 1169 | char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) |
| 1170 | { | 1170 | { |
| 1171 | char *p; | 1171 | char *end; |
| 1172 | STACK_OF(SSL_CIPHER) *sk; | 1172 | STACK_OF(SSL_CIPHER) *sk; |
| 1173 | SSL_CIPHER *c; | 1173 | SSL_CIPHER *c; |
| 1174 | size_t curlen = 0; | ||
| 1174 | int i; | 1175 | int i; |
| 1175 | 1176 | ||
| 1176 | if ((s->session == NULL) || (s->session->ciphers == NULL) || | 1177 | if ((s->session == NULL) || (s->session->ciphers == NULL) || |
| 1177 | (len < 2)) | 1178 | (len < 2)) |
| 1178 | return(NULL); | 1179 | return(NULL); |
| 1179 | 1180 | ||
| 1180 | p=buf; | ||
| 1181 | sk=s->session->ciphers; | 1181 | sk=s->session->ciphers; |
| 1182 | buf[0] = '\0'; | ||
| 1182 | for (i=0; i<sk_SSL_CIPHER_num(sk); i++) | 1183 | for (i=0; i<sk_SSL_CIPHER_num(sk); i++) |
| 1183 | { | 1184 | { |
| 1184 | int n; | ||
| 1185 | |||
| 1186 | c=sk_SSL_CIPHER_value(sk,i); | 1185 | c=sk_SSL_CIPHER_value(sk,i); |
| 1187 | n=strlen(c->name); | 1186 | end = buf + curlen; |
| 1188 | if (n+1 > len) | 1187 | if (strlcat(buf, c->name, len) >= len || |
| 1188 | (curlen = strlcat(buf, ":", len)) >= len) | ||
| 1189 | { | 1189 | { |
| 1190 | if (p != buf) | 1190 | /* remove truncated cipher from list */ |
| 1191 | --p; | 1191 | *end = '\0'; |
| 1192 | *p='\0'; | 1192 | break; |
| 1193 | return buf; | ||
| 1194 | } | 1193 | } |
| 1195 | strcpy(p,c->name); | ||
| 1196 | p+=n; | ||
| 1197 | *(p++)=':'; | ||
| 1198 | len-=n+1; | ||
| 1199 | } | 1194 | } |
| 1200 | p[-1]='\0'; | 1195 | /* remove trailing colon */ |
| 1196 | if ((end = strrchr(buf, ':')) != NULL) | ||
| 1197 | *end = '\0'; | ||
| 1201 | return(buf); | 1198 | return(buf); |
| 1202 | } | 1199 | } |
| 1203 | 1200 | ||