From 7608b31f392fc1719d27258aafe319d9d2b39a81 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Wed, 14 Oct 2015 21:54:10 +0000
Subject: better fix for overrun reported by Qualys Security. buf is at all
 times kept nul terminated, so there is no need to enforce this again upon
 exit. (no need to move buf around after we exahust space.) ok beck miod

---
 src/lib/libcrypto/objects/obj_dat.c         | 5 +----
 src/lib/libssl/src/crypto/objects/obj_dat.c | 5 +----
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
index dd5d50122b..627f3230a7 100644
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ b/src/lib/libcrypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.34 2015/10/14 21:25:16 beck Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.35 2015/10/14 21:54:10 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -580,7 +580,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
-				buf += buf_len - 1;
 				buf_len = 0;
 			} else {
 				buf += i;
@@ -592,7 +591,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
-				buf += buf_len - 1;
 				buf_len = 0;
 			} else {
 				buf += i;
@@ -609,7 +607,6 @@ out:
 
 err:
 	ret = 0;
-	buf[0] = '\0';
 	goto out;
 }
 
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c
index dd5d50122b..627f3230a7 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.c
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.34 2015/10/14 21:25:16 beck Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.35 2015/10/14 21:54:10 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -580,7 +580,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
-				buf += buf_len - 1;
 				buf_len = 0;
 			} else {
 				buf += i;
@@ -592,7 +591,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
-				buf += buf_len - 1;
 				buf_len = 0;
 			} else {
 				buf += i;
@@ -609,7 +607,6 @@ out:
 
 err:
 	ret = 0;
-	buf[0] = '\0';
 	goto out;
 }
 
-- 
cgit v1.2.3-55-g6feb