From 2622bd35c6583148624f281207c964ab997cceab Mon Sep 17 00:00:00 2001 From: beck Date: Sun, 20 Apr 2014 22:32:58 +0000 Subject: [PATCH] replace a bunch of pointer-arithmatic-strcpy-converted-blindly-to-strlcpy cruft with an snprintf. "better than what was there" ok guenther@ --- lib/libcrypto/asn1/a_time.c | 14 +++++++------- lib/libssl/src/crypto/asn1/a_time.c | 14 +++++++------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/lib/libcrypto/asn1/a_time.c b/lib/libcrypto/asn1/a_time.c index 29d56b827a8..080c3dfddb2 100644 --- a/lib/libcrypto/asn1/a_time.c +++ b/lib/libcrypto/asn1/a_time.c @@ -126,6 +126,7 @@ ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) ASN1_GENERALIZEDTIME *ret; char *str; int newlen; + int i; if (!ASN1_TIME_check(t)) return NULL; @@ -151,13 +152,12 @@ ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) /* ASN1_STRING_set() allocated 'len + 1' bytes. */ newlen = t->length + 2 + 1; str = (char *)ret->data; - /* Work out the century and prepend */ - if (t->data[0] >= '5') - strlcpy(str, "19", newlen); - else - strlcpy(str, "20", newlen); - strlcat(str, (char *)t->data, newlen); - + i = snprintf(str, newlen, "%s%s", (t->data >= '5') ? "19" : "20", + (char *) t->data); + if (i == -1 || i >= newlen) { + ASN1_STRING_free(ret); + return NULL; + } return ret; } diff --git a/lib/libssl/src/crypto/asn1/a_time.c b/lib/libssl/src/crypto/asn1/a_time.c index 29d56b827a8..080c3dfddb2 100644 --- a/lib/libssl/src/crypto/asn1/a_time.c +++ b/lib/libssl/src/crypto/asn1/a_time.c @@ -126,6 +126,7 @@ ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) ASN1_GENERALIZEDTIME *ret; char *str; int newlen; + int i; if (!ASN1_TIME_check(t)) return NULL; @@ -151,13 +152,12 @@ ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) /* ASN1_STRING_set() allocated 'len + 1' bytes. */ newlen = t->length + 2 + 1; str = (char *)ret->data; - /* Work out the century and prepend */ - if (t->data[0] >= '5') - strlcpy(str, "19", newlen); - else - strlcpy(str, "20", newlen); - strlcat(str, (char *)t->data, newlen); - + i = snprintf(str, newlen, "%s%s", (t->data >= '5') ? "19" : "20", + (char *) t->data); + if (i == -1 || i >= newlen) { + ASN1_STRING_free(ret); + return NULL; + } return ret; } -- 2.20.1