diff options
| author | Richard Levitte <levitte@openssl.org> | 2002-02-28 13:42:19 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2002-02-28 13:42:19 +0100 |
| commit | 26414ee013170f2d8e42b1995dbb30c03e7ed16c (patch) | |
| tree | 8c063e88267e1cc018fb3a71a74b35962249702f /crypto/evp | |
| parent | Updated AEP engine, submitted by Diarmuid O'Neill <Diarmuid.ONeill@aep.ie> (diff) | |
| download | openssl-26414ee013170f2d8e42b1995dbb30c03e7ed16c.tar.xz openssl-26414ee013170f2d8e42b1995dbb30c03e7ed16c.zip | |
Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated
Diffstat (limited to 'crypto/evp')
| -rw-r--r-- | crypto/evp/evp_key.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 9d9b0af8de..4271393069 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -71,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt) if (prompt == NULL) prompt_string[0]='\0'; else + { strncpy(prompt_string,prompt,79); + prompt_string[79]='\0'; + } } char *EVP_get_pw_prompt(void) |