From 64baf058c75b35d02155679035668c4b7d001892 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Mon, 27 Jan 2025 08:05:02 +0000
Subject: X509_NAME_print: NUL-terminate and switch to BIO_printf()

This handles the empty string, which ruby-openssl checks.

Pointed out by anton
---
 src/lib/libcrypto/asn1/t_x509.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index 669aec0093..d71e2d2e9a 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_x509.c,v 1.48 2025/01/26 20:18:26 tb Exp $ */
+/* $OpenBSD: t_x509.c,v 1.49 2025/01/27 08:05:02 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -549,13 +549,16 @@ X509_NAME_print(BIO *bio, const X509_NAME *name, int obase)
 		started = 1;
 	}
 
+	if (!CBB_add_u8(&cbb, '\0'))
+		goto err;
+
 	if (!CBB_finish(&cbb, &buf, &buf_len))
 		goto err;
 
 	if (buf_len > INT_MAX)
 		goto err;
 
-	if (BIO_write(bio, buf, buf_len) <= 0)
+	if (BIO_printf(bio, "%s", buf) < 0)
 		goto err;
 
 	ret = 1;
-- 
cgit v1.2.3-55-g6feb