artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ac58fe0)
better fix for overrun reported by Qualys Security.
authortedu <tedu@openbsd.org>
Wed, 14 Oct 2015 21:54:10 +0000 (21:54 +0000)
committertedu <tedu@openbsd.org>
Wed, 14 Oct 2015 21:54:10 +0000 (21:54 +0000)
buf is at all times kept nul terminated, so there is no need to enforce
this again upon exit. (no need to move buf around after we exahust space.)
ok beck miod

lib/libcrypto/objects/obj_dat.c patch | blob | history
lib/libssl/src/crypto/objects/obj_dat.c patch | blob | history

diff --git a/lib/libcrypto/objects/obj_dat.c b/lib/libcrypto/objects/obj_dat.c
index dd5d501..627f323 100644 (file)
--- a/lib/libcrypto/objects/obj_dat.c
+++ b/lib/libcrypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.34 2015/10/14 21:25:16 beck Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.35 2015/10/14 21:54:10 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -580,7 +580,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
                        if (i == -1)
                                goto err;
                        if (i >= buf_len) {
-                               buf += buf_len - 1;
                                buf_len = 0;
                        } else {
                                buf += i;
@@ -592,7 +591,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
                        if (i == -1)
                                goto err;
                        if (i >= buf_len) {
-                               buf += buf_len - 1;
                                buf_len = 0;
                        } else {
                                buf += i;
@@ -609,7 +607,6 @@ out:
 
 err:
        ret = 0;
-       buf[0] = '\0';
        goto out;
 }
 
diff --git a/lib/libssl/src/crypto/objects/obj_dat.c b/lib/libssl/src/crypto/objects/obj_dat.c
index dd5d501..627f323 100644 (file)
--- a/lib/libssl/src/crypto/objects/obj_dat.c
+++ b/lib/libssl/src/crypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.34 2015/10/14 21:25:16 beck Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.35 2015/10/14 21:54:10 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -580,7 +580,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
                        if (i == -1)
                                goto err;
                        if (i >= buf_len) {
-                               buf += buf_len - 1;
                                buf_len = 0;
                        } else {
                                buf += i;
@@ -592,7 +591,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
                        if (i == -1)
                                goto err;
                        if (i >= buf_len) {
-                               buf += buf_len - 1;
                                buf_len = 0;
                        } else {
                                buf += i;
@@ -609,7 +607,6 @@ out:
 
 err:
        ret = 0;
-       buf[0] = '\0';
        goto out;
 }
 
OpenBSD src
by Ahmet Artu Yildirim