summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--STATUS5
-rw-r--r--apps/ca.c8
-rw-r--r--crypto/des/des.c3
-rw-r--r--crypto/evp/evp_key.c3
-rw-r--r--crypto/x509/x509_obj.c1
-rw-r--r--ssl/kssl.c2
6 files changed, 18 insertions, 4 deletions
diff --git a/STATUS b/STATUS
index 67ecd83a98..542174cdf2 100644
--- a/STATUS
+++ b/STATUS
@@ -1,6 +1,6 @@
OpenSSL STATUS Last modified at
- ______________ $Date: 2002/02/21 17:23:04 $
+ ______________ $Date: 2002/02/28 12:42:00 $
DEVELOPMENT STATE
@@ -63,9 +63,6 @@
o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
- o Whenever strncpy is used, make sure the resulting string is NULL-terminated
- or an error is reported
-
o "OpenSSL STATUS" is never up-to-date.
OPEN ISSUES
diff --git a/apps/ca.c b/apps/ca.c
index 182c29e8c6..f368d39b97 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -571,6 +571,7 @@ bad:
#else
strncpy(buf[0],X509_get_default_cert_area(),
sizeof(buf[0])-2-sizeof(CONFIG_FILE));
+ buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0';
strcat(buf[0],"/");
#endif
strcat(buf[0],CONFIG_FILE);
@@ -1277,6 +1278,7 @@ bad:
BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
strncpy(buf[0],serialfile,BSIZE-4);
+ buf[0][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[0],"-new");
@@ -1287,6 +1289,7 @@ bad:
if (!save_serial(buf[0],serial)) goto err;
strncpy(buf[1],dbfile,BSIZE-4);
+ buf[1][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[1],"-new");
@@ -1317,6 +1320,7 @@ bad:
p=(char *)x->cert_info->serialNumber->data;
strncpy(buf[2],outdir,BSIZE-(j*2)-6);
+ buf[2][BSIZE-(j*2)-6]='\0';
#ifndef OPENSSL_SYS_VMS
strcat(buf[2],"/");
@@ -1354,6 +1358,7 @@ bad:
{
/* Rename the database and the serial file */
strncpy(buf[2],serialfile,BSIZE-4);
+ buf[2][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
@@ -1382,6 +1387,7 @@ bad:
}
strncpy(buf[2],dbfile,BSIZE-4);
+ buf[2][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
@@ -1554,6 +1560,7 @@ bad:
X509_free(revcert);
strncpy(buf[0],dbfile,BSIZE-4);
+ buf[0][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
strcat(buf[0],".new");
#else
@@ -1568,6 +1575,7 @@ bad:
j=TXT_DB_write(out,db);
if (j <= 0) goto err;
strncpy(buf[1],dbfile,BSIZE-4);
+ buf[1][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
strcat(buf[1],".old");
#else
diff --git a/crypto/des/des.c b/crypto/des/des.c
index a03ce161af..d8c846b23d 100644
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -153,12 +153,14 @@ int main(int argc, char **argv)
case 'c':
cflag=1;
strncpy(cksumname,p,200);
+ cksumname[sizeof(cksumname)-1]='\0';
p+=strlen(cksumname);
break;
case 'C':
cflag=1;
longk=1;
strncpy(cksumname,p,200);
+ cksumname[sizeof(cksumname)-1]='\0';
p+=strlen(cksumname);
break;
case 'e':
@@ -190,6 +192,7 @@ int main(int argc, char **argv)
case 'u':
uflag=1;
strncpy(uuname,p,200);
+ uuname[sizeof(uuname)-1]='\0';
p+=strlen(uuname);
break;
case 'h':
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 9d9b0af8de..4271393069 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -71,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt)
if (prompt == NULL)
prompt_string[0]='\0';
else
+ {
strncpy(prompt_string,prompt,79);
+ prompt_string[79]='\0';
+ }
}
char *EVP_get_pw_prompt(void)
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index f0271fdfa1..1e718f76eb 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -94,6 +94,7 @@ int i;
OPENSSL_free(b);
}
strncpy(buf,"NO X509_NAME",len);
+ buf[len-1]='\0';
return buf;
}
diff --git a/ssl/kssl.c b/ssl/kssl.c
index 49b749b054..edc108b3de 100644
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -1597,10 +1597,12 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
else
{
strncpy(*princ, entity->data, entity->length);
+ (*princ)[entity->length]='\0';
if (realm)
{
strcat (*princ, "@");
(void) strncat(*princ, realm->data, realm->length);
+ (*princ)[entity->length+1+realm->length]='\0';
}
}