Commit 26414ee0 authored by Richard Levitte's avatar Richard Levitte

Increase internal security when using strncpy, by making sure the resulting...

Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated
parent 5c62f68e
+1 −4

  OpenSSL STATUS                           Last modified at
  ______________                           $Date: 2002/02/21 17:23:04 $
  ______________                           $Date: 2002/02/28 12:42:00 $

  DEVELOPMENT STATE

@@ -63,9 +63,6 @@

    o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file

    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
       or an error is reported

    o  "OpenSSL STATUS" is never up-to-date.

  OPEN ISSUES
+8 −0
@@ -571,6 +571,7 @@ bad:
#else
		strncpy(buf[0],X509_get_default_cert_area(),
			sizeof(buf[0])-2-sizeof(CONFIG_FILE));
		buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0';
		strcat(buf[0],"/");
#endif
		strcat(buf[0],CONFIG_FILE);
@@ -1277,6 +1278,7 @@ bad:
			BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));

			strncpy(buf[0],serialfile,BSIZE-4);
			buf[0][BSIZE-4]='\0';

#ifdef OPENSSL_SYS_VMS
			strcat(buf[0],"-new");
@@ -1287,6 +1289,7 @@ bad:
			if (!save_serial(buf[0],serial)) goto err;

			strncpy(buf[1],dbfile,BSIZE-4);
			buf[1][BSIZE-4]='\0';

#ifdef OPENSSL_SYS_VMS
			strcat(buf[1],"-new");
@@ -1317,6 +1320,7 @@ bad:
			p=(char *)x->cert_info->serialNumber->data;
			
			strncpy(buf[2],outdir,BSIZE-(j*2)-6);
			buf[2][BSIZE-(j*2)-6]='\0';

#ifndef OPENSSL_SYS_VMS
			strcat(buf[2],"/");
@@ -1354,6 +1358,7 @@ bad:
			{
			/* Rename the database and the serial file */
			strncpy(buf[2],serialfile,BSIZE-4);
			buf[2][BSIZE-4]='\0';

#ifdef OPENSSL_SYS_VMS
			strcat(buf[2],"-old");
@@ -1382,6 +1387,7 @@ bad:
				}

			strncpy(buf[2],dbfile,BSIZE-4);
			buf[2][BSIZE-4]='\0';

#ifdef OPENSSL_SYS_VMS
			strcat(buf[2],"-old");
@@ -1554,6 +1560,7 @@ bad:
			X509_free(revcert);

			strncpy(buf[0],dbfile,BSIZE-4);
			buf[0][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
			strcat(buf[0],".new");
#else
@@ -1568,6 +1575,7 @@ bad:
			j=TXT_DB_write(out,db);
			if (j <= 0) goto err;
			strncpy(buf[1],dbfile,BSIZE-4);
			buf[1][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
			strcat(buf[1],".old");
#else
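Review bot: The added terminators at `buf[0][BSIZE-4]='\0'` (and the matching lines for `buf[1]` and `buf[2]` in the serialfile and dbfile hunks) leave four bytes free in a BSIZE-sized row, while the `strcat` that follows writes five: a four-character suffix (`"-new"`, `".new"`, `"-old"`, `".old"`) plus its NUL. If each row of `buf` is BSIZE bytes (the declaration is outside these hunks), a name of BSIZE-4 or more characters puts the final NUL one byte past the row. Bounding the copy at `BSIZE-5` would close that, but a silently truncated serial or database file name means a different path gets written or renamed, so rejecting the name is safer: `if (strlen(serialfile) > BSIZE-5) { BIO_printf(bio_err,"file name too long\n"); goto err; }`. The index in `buf[2][BSIZE-(j*2)-6]='\0'` also depends on an upper bound for `j` that is not visible here and should be confirmed.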
+3 −0
@@ -153,12 +153,14 @@ int main(int argc, char **argv)
				case 'c':
					cflag=1;
					strncpy(cksumname,p,200);
					cksumname[sizeof(cksumname)-1]='\0';
					p+=strlen(cksumname);
					break;
				case 'C':
					cflag=1;
					longk=1;
					strncpy(cksumname,p,200);
					cksumname[sizeof(cksumname)-1]='\0';
					p+=strlen(cksumname);
					break;
				case 'e':
@@ -190,6 +192,7 @@ int main(int argc, char **argv)
				case 'u':
					uflag=1;
					strncpy(uuname,p,200);
					uuname[sizeof(uuname)-1]='\0';
					p+=strlen(uuname);
					break;
				case 'h':
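Review bot: The copy bound and the new terminator disagree in the 'c', 'C' and 'u' cases: `strncpy(cksumname,p,200)` uses a literal, while the added line indexes with `sizeof(cksumname)-1`. strncpy always writes exactly its count, so if either array is shorter than 200 bytes the copy itself overruns and the terminator cannot help; the declarations are outside this hunk, so either confirm the sizes or write `strncpy(cksumname,p,sizeof(cksumname)-1);` (likewise for `uuname`). After a truncation, `p+=strlen(cksumname)` advances only by the truncated length, so the rest of the argument would presumably be parsed as further option letters; reporting an over-long name as an error would be cleaner. main() continues outside the hunk.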
+3 −0
@@ -71,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt)
	if (prompt == NULL)
		prompt_string[0]='\0';
	else
		{
		strncpy(prompt_string,prompt,79);
		prompt_string[79]='\0';
		}
	}

char *EVP_get_pw_prompt(void)
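Review bot: The added `prompt_string[79]='\0'` hard-codes the buffer size a second time next to `strncpy(prompt_string,prompt,79)`, and is only correct while `prompt_string` holds at least 80 bytes; that declaration is outside the hunk. Assuming `prompt_string` is an array, tying both lines to it keeps them right if the size ever changes: `strncpy(prompt_string,prompt,sizeof(prompt_string)-1);` followed by `prompt_string[sizeof(prompt_string)-1]='\0';`. A short comment on EVP_set_pw_prompt such as `/* prompts longer than the internal buffer are silently truncated */` would tell callers about the limit.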
+1 −0
@@ -94,6 +94,7 @@ int i;
		OPENSSL_free(b);
		}
	    strncpy(buf,"NO X509_NAME",len);
	    buf[len-1]='\0';
	    return buf;
	    }
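Review bot: The added `buf[len-1]='\0'` writes one byte before the start of `buf` when `len` is 0, and further out of bounds if `len` is a signed type and negative; nothing visible in this hunk rules that out. The enclosing function starts outside the hunk, so an earlier check may already exist. If it does not, guard the store with `if (len > 0) buf[len-1]='\0';`, or return early for a non-positive `len` before the strncpy.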
