diff options
Diffstat (limited to 'src/lib/libcrypto/dso/dso_dl.c')
| -rw-r--r-- | src/lib/libcrypto/dso/dso_dl.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/src/lib/libcrypto/dso/dso_dl.c b/src/lib/libcrypto/dso/dso_dl.c index fc4236bd9a..c3b4f6cf45 100644 --- a/src/lib/libcrypto/dso/dso_dl.c +++ b/src/lib/libcrypto/dso/dso_dl.c | |||
| @@ -259,18 +259,20 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) | |||
| 259 | same goes if the second file specification is missing. */ | 259 | same goes if the second file specification is missing. */ |
| 260 | if (!filespec2 || filespec1[0] == '/') | 260 | if (!filespec2 || filespec1[0] == '/') |
| 261 | { | 261 | { |
| 262 | merged = OPENSSL_malloc(strlen(filespec1) + 1); | 262 | size_t len = strlen(filespec1) + 1; |
| 263 | merged = OPENSSL_malloc(len); | ||
| 263 | if(!merged) | 264 | if(!merged) |
| 264 | { | 265 | { |
| 265 | DSOerr(DSO_F_DL_MERGER, | 266 | DSOerr(DSO_F_DL_MERGER, |
| 266 | ERR_R_MALLOC_FAILURE); | 267 | ERR_R_MALLOC_FAILURE); |
| 267 | return(NULL); | 268 | return(NULL); |
| 268 | } | 269 | } |
| 269 | strcpy(merged, filespec1); | 270 | memcpy(merged, filespec1, len); |
| 270 | } | 271 | } |
| 271 | /* If the first file specification is missing, the second one rules. */ | 272 | /* If the first file specification is missing, the second one rules. */ |
| 272 | else if (!filespec1) | 273 | else if (!filespec1) |
| 273 | { | 274 | { |
| 275 | size_t len = strlen(filespec2) + 1; | ||
| 274 | merged = OPENSSL_malloc(strlen(filespec2) + 1); | 276 | merged = OPENSSL_malloc(strlen(filespec2) + 1); |
| 275 | if(!merged) | 277 | if(!merged) |
| 276 | { | 278 | { |
| @@ -278,7 +280,7 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) | |||
| 278 | ERR_R_MALLOC_FAILURE); | 280 | ERR_R_MALLOC_FAILURE); |
| 279 | return(NULL); | 281 | return(NULL); |
| 280 | } | 282 | } |
| 281 | strcpy(merged, filespec2); | 283 | memcpy(merged, filespec2, len); |
| 282 | } | 284 | } |
| 283 | else | 285 | else |
| 284 | /* This part isn't as trivial as it looks. It assumes that | 286 | /* This part isn't as trivial as it looks. It assumes that |
| @@ -287,7 +289,7 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) | |||
| 287 | the concatenation of filespec2 followed by a slash followed | 289 | the concatenation of filespec2 followed by a slash followed |
| 288 | by filespec1. */ | 290 | by filespec1. */ |
| 289 | { | 291 | { |
| 290 | int spec2len, len; | 292 | size_t spec2len, len; |
| 291 | 293 | ||
| 292 | spec2len = (filespec2 ? strlen(filespec2) : 0); | 294 | spec2len = (filespec2 ? strlen(filespec2) : 0); |
| 293 | len = spec2len + (filespec1 ? strlen(filespec1) : 0); | 295 | len = spec2len + (filespec1 ? strlen(filespec1) : 0); |
| @@ -304,9 +306,9 @@ static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2) | |||
| 304 | ERR_R_MALLOC_FAILURE); | 306 | ERR_R_MALLOC_FAILURE); |
| 305 | return(NULL); | 307 | return(NULL); |
| 306 | } | 308 | } |
| 307 | strcpy(merged, filespec2); | 309 | strlcpy(merged, filespec2, len + 2); |
| 308 | merged[spec2len] = '/'; | 310 | merged[spec2len] = '/'; |
| 309 | strcpy(&merged[spec2len + 1], filespec1); | 311 | strlcpy(&merged[spec2len + 1], filespec1, 1 + len - spec2len); |
| 310 | } | 312 | } |
| 311 | return(merged); | 313 | return(merged); |
| 312 | } | 314 | } |