From 8973ce98e36e2765b31d6d654e5c765a54a16ee1 Mon Sep 17 00:00:00 2001 From: beck Date: Thu, 17 Apr 2014 20:03:03 +0000 Subject: [PATCH] fix BIO_snprintf usage in here. ok tedu@ --- lib/libcrypto/engine/eng_ctrl.c | 27 +++++++++++++++++-------- lib/libssl/src/crypto/engine/eng_ctrl.c | 27 +++++++++++++++++-------- 2 files changed, 38 insertions(+), 16 deletions(-) diff --git a/lib/libcrypto/engine/eng_ctrl.c b/lib/libcrypto/engine/eng_ctrl.c index 5ce25d92ec9..d5017e23291 100644 --- a/lib/libcrypto/engine/eng_ctrl.c +++ b/lib/libcrypto/engine/eng_ctrl.c @@ -104,6 +104,7 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) { int idx; + int ret; char *s = (char *)p; /* Take care of the easy one first (eg. it requires no searches) */ if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) @@ -158,19 +159,29 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: return strlen(e->cmd_defns[idx].cmd_name); case ENGINE_CTRL_GET_NAME_FROM_CMD: - return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1, - "%s", e->cmd_defns[idx].cmd_name); + ret = snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1, + "%s", e->cmd_defns[idx].cmd_name); + if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1)) + ret = -1; + return ret; case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: if(e->cmd_defns[idx].cmd_desc) return strlen(e->cmd_defns[idx].cmd_desc); return strlen(int_no_description); case ENGINE_CTRL_GET_DESC_FROM_CMD: - if(e->cmd_defns[idx].cmd_desc) - return BIO_snprintf(s, - strlen(e->cmd_defns[idx].cmd_desc) + 1, - "%s", e->cmd_defns[idx].cmd_desc); - return BIO_snprintf(s, strlen(int_no_description) + 1,"%s", - int_no_description); + if(e->cmd_defns[idx].cmd_desc) { + ret = snprintf(s, + strlen(e->cmd_defns[idx].cmd_desc) + 1, + "%s", e->cmd_defns[idx].cmd_desc); + if (ret >= strlen(e->cmd_defns[idx].cmd_desc) + 1) + ret = -1; + return ret; + } + ret = snprintf(s, strlen(int_no_description) + 1,"%s", + int_no_description); + if (ret >= strlen(int_no_description) + 1) + ret = -1; + return ret; case ENGINE_CTRL_GET_CMD_FLAGS: return e->cmd_defns[idx].cmd_flags; } diff --git a/lib/libssl/src/crypto/engine/eng_ctrl.c b/lib/libssl/src/crypto/engine/eng_ctrl.c index 5ce25d92ec9..d5017e23291 100644 --- a/lib/libssl/src/crypto/engine/eng_ctrl.c +++ b/lib/libssl/src/crypto/engine/eng_ctrl.c @@ -104,6 +104,7 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) { int idx; + int ret; char *s = (char *)p; /* Take care of the easy one first (eg. it requires no searches) */ if(cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) @@ -158,19 +159,29 @@ static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: return strlen(e->cmd_defns[idx].cmd_name); case ENGINE_CTRL_GET_NAME_FROM_CMD: - return BIO_snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1, - "%s", e->cmd_defns[idx].cmd_name); + ret = snprintf(s,strlen(e->cmd_defns[idx].cmd_name) + 1, + "%s", e->cmd_defns[idx].cmd_name); + if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1)) + ret = -1; + return ret; case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: if(e->cmd_defns[idx].cmd_desc) return strlen(e->cmd_defns[idx].cmd_desc); return strlen(int_no_description); case ENGINE_CTRL_GET_DESC_FROM_CMD: - if(e->cmd_defns[idx].cmd_desc) - return BIO_snprintf(s, - strlen(e->cmd_defns[idx].cmd_desc) + 1, - "%s", e->cmd_defns[idx].cmd_desc); - return BIO_snprintf(s, strlen(int_no_description) + 1,"%s", - int_no_description); + if(e->cmd_defns[idx].cmd_desc) { + ret = snprintf(s, + strlen(e->cmd_defns[idx].cmd_desc) + 1, + "%s", e->cmd_defns[idx].cmd_desc); + if (ret >= strlen(e->cmd_defns[idx].cmd_desc) + 1) + ret = -1; + return ret; + } + ret = snprintf(s, strlen(int_no_description) + 1,"%s", + int_no_description); + if (ret >= strlen(int_no_description) + 1) + ret = -1; + return ret; case ENGINE_CTRL_GET_CMD_FLAGS: return e->cmd_defns[idx].cmd_flags; } -- 2.20.1