From 93094b52ab80eaa8ec649868cd4242a767f67a5d Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Sat, 26 Apr 2003 18:06:46 +0000
Subject: string cleaning; ok tedu

---
 src/lib/libssl/src/apps/ca.c     | 32 ++++++++++++++++++--------------
 src/lib/libssl/src/apps/engine.c |  4 ++--
 2 files changed, 20 insertions(+), 16 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index 204974eeea..60bc4e5191 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -575,9 +575,9 @@ bad:
 		strncpy(buf[0],X509_get_default_cert_area(),
 			sizeof(buf[0])-2-sizeof(CONFIG_FILE));
 		buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0';
-		strcat(buf[0],"/");
+		strlcat(buf[0],"/",sizeof(buf[0]));
 #endif
-		strcat(buf[0],CONFIG_FILE);
+		strlcat(buf[0],CONFIG_FILE,sizeof(buf[0]));
 		configfile=buf[0];
 		}
 
@@ -1286,7 +1286,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[0],"-new");
 #else
-			strcat(buf[0],".new");
+			strlcat(buf[0],".new",sizeof(buf[0]));
 #endif
 
 			if (!save_serial(buf[0],serial)) goto err;
@@ -1297,7 +1297,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[1],"-new");
 #else
-			strcat(buf[1],".new");
+			strlcat(buf[1],".new",sizeof(buf[1]));
 #endif
 
 			if (BIO_write_filename(out,buf[1]) <= 0)
@@ -1315,7 +1315,7 @@ bad:
 		for (i=0; i<sk_X509_num(cert_sk); i++)
 			{
 			int k;
-			unsigned char *n;
+			char *n;
 
 			x=sk_X509_value(cert_sk,i);
 
@@ -1326,15 +1326,19 @@ bad:
 			buf[2][BSIZE-(j*2)-6]='\0';
 
 #ifndef OPENSSL_SYS_VMS
-			strcat(buf[2],"/");
+			strlcat(buf[2],"/",sizeof(buf[2]));
 #endif
 
-			n=(unsigned char *)&(buf[2][strlen(buf[2])]);
+			n=(char *)&(buf[2][strlen(buf[2])]);
 			if (j > 0)
 				{
 				for (k=0; k<j; k++)
 					{
-					sprintf((char *)n,"%02X",(unsigned char)*(p++));
+					if (n >= &(buf[2][sizeof(buf[2])]))
+						break;
+					snprintf(n,
+						&buf[2][0] + sizeof(buf[2]) - n,
+						"%02X",(unsigned char)*(p++));
 					n+=2;
 					}
 				}
@@ -1366,7 +1370,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[2],"-old");
 #else
-			strcat(buf[2],".old");
+			strlcat(buf[2],".old",sizeof(buf[2]));
 #endif
 
 			BIO_free(in);
@@ -1395,7 +1399,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[2],"-old");
 #else
-			strcat(buf[2],".old");
+			strlcat(buf[2],".old",sizeof(buf[2]));
 #endif
 
 			if (rename(dbfile,buf[2]) < 0)
@@ -1560,7 +1564,7 @@ bad:
 			strncpy(buf[0],dbfile,BSIZE-4);
 			buf[0][BSIZE-4]='\0';
 #ifndef OPENSSL_SYS_VMS
-			strcat(buf[0],".new");
+			strlcat(buf[0],".new",sizeof(buf[0]));
 #else
 			strcat(buf[0],"-new");
 #endif
@@ -1579,7 +1583,7 @@ bad:
 			strncpy(buf[1],dbfile,BSIZE-4);
 			buf[1][BSIZE-4]='\0';
 #ifndef OPENSSL_SYS_VMS
-			strcat(buf[1],".old");
+			strlcat(buf[1],".old",sizeof(buf[1]));
 #else
 			strcat(buf[1],"-old");
 #endif
@@ -2311,7 +2315,7 @@ again2:
 		BIO_printf(bio_err,"Memory allocation failure\n");
 		goto err;
 		}
-	strcpy(row[DB_file],"unknown");
+	strlcpy(row[DB_file],"unknown",8);
 	row[DB_type][0]='V';
 	row[DB_type][1]='\0';
 
@@ -2609,7 +2613,7 @@ static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
 			BIO_printf(bio_err,"Memory allocation failure\n");
 			goto err;
 			}
-		strcpy(row[DB_file],"unknown");
+		strlcpy(row[DB_file],"unknown",8);
 		row[DB_type][0]='V';
 		row[DB_type][1]='\0';
 
diff --git a/src/lib/libssl/src/apps/engine.c b/src/lib/libssl/src/apps/engine.c
index 734ecb3e5d..3c94c3c4ed 100644
--- a/src/lib/libssl/src/apps/engine.c
+++ b/src/lib/libssl/src/apps/engine.c
@@ -120,8 +120,8 @@ static int append_buf(char **buf, const char *s, int *size, int step)
 		return 0;
 
 	if (**buf != '\0')
-		strcat(*buf, ", ");
-	strcat(*buf, s);
+		strlcat(*buf, ", ", *size);
+	strlcat(*buf, s, *size);
 
 	return 1;
 	}
-- 
cgit v1.2.3-55-g6feb