From 30e8f6f587e70ec1573015d559065341d3ee1f61 Mon Sep 17 00:00:00 2001
From: inoguchi <inoguchi@openbsd.org>
Date: Sat, 28 Aug 2021 05:14:30 +0000
Subject: [PATCH] Use strndup instead of malloc, memcpy and NULL termination in
 openssl(1) ca.c

suggested from tb@ for do_updatedb(),
and applied the same for do_body() and do_revoke().
---
 usr.bin/openssl/ca.c | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

diff --git a/usr.bin/openssl/ca.c b/usr.bin/openssl/ca.c
index b04a93b0653..f7e3a730078 100644
--- a/usr.bin/openssl/ca.c
+++ b/usr.bin/openssl/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.39 2021/08/28 04:02:20 inoguchi Exp $ */
+/* $OpenBSD: ca.c,v 1.40 2021/08/28 05:14:30 inoguchi Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2247,15 +2247,12 @@ do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 	row[DB_type] = malloc(2);
 
 	tm = X509_get_notAfter(ret);
-	row[DB_exp_date] = malloc(tm->length + 1);
+	row[DB_exp_date] = strndup(tm->data, tm->length);
 	if (row[DB_type] == NULL || row[DB_exp_date] == NULL) {
 		BIO_printf(bio_err, "Memory allocation failure\n");
 		goto err;
 	}
 
-	memcpy(row[DB_exp_date], tm->data, tm->length);
-	row[DB_exp_date][tm->length] = '\0';
-
 	row[DB_rev_date] = NULL;
 
 	/* row[DB_serial] done already */
@@ -2507,13 +2504,11 @@ do_revoke(X509 *x509, CA_DB *db, int type, char *value)
 		row[DB_type] = malloc(2);
 
 		tm = X509_get_notAfter(x509);
-		row[DB_exp_date] = malloc(tm->length + 1);
+		row[DB_exp_date] = strndup(tm->data, tm->length);
 		if (row[DB_type] == NULL || row[DB_exp_date] == NULL) {
 			BIO_printf(bio_err, "Memory allocation failure\n");
 			goto err;
 		}
-		memcpy(row[DB_exp_date], tm->data, tm->length);
-		row[DB_exp_date][tm->length] = '\0';
 
 		row[DB_rev_date] = NULL;
 
@@ -2673,13 +2668,11 @@ do_updatedb(CA_DB *db)
 		cnt = -1;
 		goto err;
 	}
-	a_tm_s = malloc(a_tm->length + 1);
+	a_tm_s = strndup(a_tm->data, a_tm->length);
 	if (a_tm_s == NULL) {
 		cnt = -1;
 		goto err;
 	}
-	memcpy(a_tm_s, a_tm->data, a_tm->length);
-	a_tm_s[a_tm->length] = '\0';
 
 	if (strncmp(a_tm_s, "49", 2) <= 0)
 		a_y2k = 1;
-- 
2.20.1