From: miod <miod@openbsd.org>
Date: Sun, 18 May 2014 19:30:36 +0000 (+0000)
Subject: Make sure UTF8_getc() is invoked with the proper buffer size.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f4feb42a2d400d74d2bb069505de172c22ccab1f;p=openbsd

Make sure UTF8_getc() is invoked with the proper buffer size.

ok beck@ guenther@
---

diff --git a/lib/libcrypto/asn1/a_strex.c b/lib/libcrypto/asn1/a_strex.c
index 248eac28f6a..462a4059bec 100644
--- a/lib/libcrypto/asn1/a_strex.c
+++ b/lib/libcrypto/asn1/a_strex.c
@@ -111,7 +111,7 @@ send_fp_chars(void *arg, const void *buf, int len)
 {
 	if (!arg)
 		return 1;
-	if (fwrite(buf, 1, len, arg) != (unsigned int)len)
+	if (fwrite(buf, 1, (size_t)len, arg) != (size_t)len)
 		return 0;
 	return 1;
 }
@@ -227,7 +227,7 @@ do_buf(unsigned char *buf, int buflen, int type, unsigned char flags,
 			break;
 
 		case 0:
-			i = UTF8_getc(p, buflen, &c);
+			i = UTF8_getc(p, q - p, &c);
 			if (i < 0)
 				return -1;	/* Invalid UTF8String */
 			p += i;
diff --git a/lib/libssl/src/crypto/asn1/a_strex.c b/lib/libssl/src/crypto/asn1/a_strex.c
index 248eac28f6a..462a4059bec 100644
--- a/lib/libssl/src/crypto/asn1/a_strex.c
+++ b/lib/libssl/src/crypto/asn1/a_strex.c
@@ -111,7 +111,7 @@ send_fp_chars(void *arg, const void *buf, int len)
 {
 	if (!arg)
 		return 1;
-	if (fwrite(buf, 1, len, arg) != (unsigned int)len)
+	if (fwrite(buf, 1, (size_t)len, arg) != (size_t)len)
 		return 0;
 	return 1;
 }
@@ -227,7 +227,7 @@ do_buf(unsigned char *buf, int buflen, int type, unsigned char flags,
 			break;
 
 		case 0:
-			i = UTF8_getc(p, buflen, &c);
+			i = UTF8_getc(p, q - p, &c);
 			if (i < 0)
 				return -1;	/* Invalid UTF8String */
 			p += i;