Rather than sprinkling magical numbers everywhere, we can use sizeof()

for the size of a fixed size array.
From Dirk Engling <erdgeist@erdgeist.org>

diff --git a/lib/libcrypto/asn1/n_pkey.c b/lib/libcrypto/asn1/n_pkey.c
index 1a724cf..5c6181b 100644 (file)
--- a/lib/libcrypto/asn1/n_pkey.c
+++ b/lib/libcrypto/asn1/n_pkey.c
@@ -189,7 +189,7 @@ i2d_RSA_NET(const RSA *a, unsigned char **pp,
 
        if (cb == NULL)
                cb = EVP_read_pw_string;
-       i = cb((char *)buf, 256, "Enter Private Key password:", 1);
+       i = cb((char *)buf, sizeof(buf), "Enter Private Key password:", 1);
        if (i != 0) {
                ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ);
                goto err;
@@ -205,7 +205,7 @@ i2d_RSA_NET(const RSA *a, unsigned char **pp,
 
        if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL))
                goto err;
-       OPENSSL_cleanse(buf, 256);
+       OPENSSL_cleanse(buf, sizeof(buf));
 
        /* Encrypt private key in place */
        zz = enckey->enckey->digest->data;
@@ -286,7 +286,7 @@ d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
        EVP_CIPHER_CTX ctx;
        EVP_CIPHER_CTX_init(&ctx);
 
-       i=cb((char *)buf,256, "Enter Private Key password:",0);
+       i=cb((char *)buf, sizeof(buf), "Enter Private Key password:",0);
        if (i != 0) {
                ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ);
                goto err;
@@ -302,7 +302,7 @@ d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
 
        if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL))
                goto err;
-       OPENSSL_cleanse(buf, 256);
+       OPENSSL_cleanse(buf, sizeof(buf));
 
        if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
                goto err;

diff --git a/lib/libssl/src/crypto/asn1/n_pkey.c b/lib/libssl/src/crypto/asn1/n_pkey.c
index 1a724cf..5c6181b 100644 (file)
--- a/lib/libssl/src/crypto/asn1/n_pkey.c
+++ b/lib/libssl/src/crypto/asn1/n_pkey.c
@@ -189,7 +189,7 @@ i2d_RSA_NET(const RSA *a, unsigned char **pp,
 
        if (cb == NULL)
                cb = EVP_read_pw_string;
-       i = cb((char *)buf, 256, "Enter Private Key password:", 1);
+       i = cb((char *)buf, sizeof(buf), "Enter Private Key password:", 1);
        if (i != 0) {
                ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ);
                goto err;
@@ -205,7 +205,7 @@ i2d_RSA_NET(const RSA *a, unsigned char **pp,
 
        if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL))
                goto err;
-       OPENSSL_cleanse(buf, 256);
+       OPENSSL_cleanse(buf, sizeof(buf));
 
        /* Encrypt private key in place */
        zz = enckey->enckey->digest->data;
@@ -286,7 +286,7 @@ d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
        EVP_CIPHER_CTX ctx;
        EVP_CIPHER_CTX_init(&ctx);
 
-       i=cb((char *)buf,256, "Enter Private Key password:",0);
+       i=cb((char *)buf, sizeof(buf), "Enter Private Key password:",0);
        if (i != 0) {
                ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ);
                goto err;
@@ -302,7 +302,7 @@ d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
 
        if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL))
                goto err;
-       OPENSSL_cleanse(buf, 256);
+       OPENSSL_cleanse(buf, sizeof(buf));
 
        if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
                goto err;