author | Pauli <paul.dale@oracle.com> | 2017-07-06 06:56:20 +0200 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2017-07-07 07:45:55 +0200 |
commit | a2371fa93365cc0bc0e46b9d65f3a47a074b1c30 (patch) | |
tree | c4751256bc9a1e3d2b20bad3becd6b17aec2c9f4 /crypto/conf/conf_mod.c | |
parent | Fix cipher_compare (diff) | |
Trivial bounds checking.
Bounds checking strcpy, strcat and sprintf.
These are the remaining easy ones to cover a recently removed commit.
Some are trivial, some have been modified and a couple left as they are because the reverted change didn't bounds check properly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3871)
Diffstat (limited to 'crypto/conf/conf_mod.c')
-rw-r--r-- | crypto/conf/conf_mod.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 33a96980bb..932c69d7b7 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy
@@ -170,8 +170,9 @@ static int module_run(const CONF *cnf, const char *name, const char *value, if (ret <= 0) { if (!(flags & CONF_MFLAGS_SILENT)) { char rcode[DECIMAL_SIZE(ret) + 1]; + CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR); - sprintf(rcode, "%-8d", ret); + BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret); ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); }
@@ -475,7 +476,7 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data) char *CONF_get1_default_config_file(void) { - char *file; + char *file, *sep = ""; int len; file = getenv("OPENSSL_CONF");
@@ -485,6 +486,7 @@ char *CONF_get1_default_config_file(void) len = strlen(X509_get_default_cert_area()); #ifndef OPENSSL_SYS_VMS len++; + sep = "/"; #endif len += strlen(OPENSSL_CONF);
@@ -492,11 +494,8 @@ char *CONF_get1_default_config_file(void) if (file == NULL) return NULL; - strcpy(file, X509_get_default_cert_area()); -#ifndef OPENSSL_SYS_VMS - strcat(file, "/"); -#endif - strcat(file, OPENSSL_CONF); + BIO_snprintf(file, len + 1, "%s%s%s", X509_get_default_cert_area(), + sep, OPENSSL_CONF); return file; } |
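Review bot: In the `@@ -475,7 +476,7 @@` hunk, `sep` only ever points at string literals (`""` here, `"/"` in the following hunk), so it should be declared `const char *sep = "";` on its own line rather than sharing the non-const `char *file, *sep` declaration. That makes an accidental write through `sep` a compile-time error and keeps it visually separate from `file`, which is the pointer that ends up owning writable memory. The body of CONF_get1_default_config_file continues outside this hunk.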
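Review bot: In the `@@ -492,11 +494,8 @@` hunk the return value of the new `BIO_snprintf` call is ignored, so an error or a truncated result would still be handed back to the caller as the default configuration path. The size argument `len + 1` is an `int` accumulated from `strlen` results earlier in the function and presumably matches the allocation, which lies outside the hunk, so truncation should not happen in practice; checking anyway makes the function fail closed. Assuming the buffer came from the OpenSSL allocator, that would be `if (BIO_snprintf(file, len + 1, "%s%s%s", X509_get_default_cert_area(), sep, OPENSSL_CONF) < 0) { OPENSSL_free(file); return NULL; }`. `X509_get_default_cert_area()` is also evaluated a second time here, so the length computation and the copy rely on both calls returning the same string; holding the result in a local `const char *area` would remove that assumption.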