summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509
diff options
context:
space:
mode:
authorbeck <>2014-04-16 20:36:35 +0000
committerbeck <>2014-04-16 20:36:35 +0000
commit750d86a4fc04f53024575d65269281ea6c4e450c (patch)
tree4a8d2bd6f2dd786d658a75ea2db858806f2ec5f4 /src/lib/libcrypto/x509
parentbe77aa550ef0450b00eb62880d4d98112ba86e50 (diff)
downloadopenbsd-750d86a4fc04f53024575d65269281ea6c4e450c.tar.gz
openbsd-750d86a4fc04f53024575d65269281ea6c4e450c.tar.bz2
openbsd-750d86a4fc04f53024575d65269281ea6c4e450c.zip
Clean up dangerous strncpy use. This included a use where the resulting
string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
Diffstat (limited to 'src/lib/libcrypto/x509')
-rw-r--r--src/lib/libcrypto/x509/by_dir.c4
-rw-r--r--src/lib/libcrypto/x509/x509_obj.c3
2 files changed, 2 insertions, 5 deletions
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
index b5512895a1..ccf2f6e0bf 100644
--- a/src/lib/libcrypto/x509/by_dir.c
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -246,13 +246,11 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type)
246 return 0; 246 return 0;
247 ent->dir_type = type; 247 ent->dir_type = type;
248 ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); 248 ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
249 ent->dir = OPENSSL_malloc((unsigned int)len + 1); 249 ent->dir = strdup(ss);
250 if (!ent->dir || !ent->hashes) { 250 if (!ent->dir || !ent->hashes) {
251 by_dir_entry_free(ent); 251 by_dir_entry_free(ent);
252 return 0; 252 return 0;
253 } 253 }
254 strncpy(ent->dir, ss,(unsigned int)len);
255 ent->dir[len] = '\0';
256 if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) { 254 if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
257 by_dir_entry_free(ent); 255 by_dir_entry_free(ent);
258 return 0; 256 return 0;
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c
index bcc1e7429e..1d3cf547d7 100644
--- a/src/lib/libcrypto/x509/x509_obj.c
+++ b/src/lib/libcrypto/x509/x509_obj.c
@@ -90,8 +90,7 @@ int i;
90 buf=b->data; 90 buf=b->data;
91 OPENSSL_free(b); 91 OPENSSL_free(b);
92 } 92 }
93 strncpy(buf,"NO X509_NAME",len); 93 strlcpy(buf,"NO X509_NAME",len);
94 buf[len-1]='\0';
95 return buf; 94 return buf;
96 } 95 }
97 96
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-11 15:40:49 +0000