From b2b9787f74e5a89f0eb52afcf89be6ebad692798 Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 29 Nov 2022 07:03:40 +0000 Subject: [PATCH] Make X509_verify_cert_error_string() thread safe Stop returning a pointer to a static buffer containing the error code on unknown error. While this might be helpful, it's not going to end well. ok beck claudio jsing --- lib/libcrypto/x509/x509_txt.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/lib/libcrypto/x509/x509_txt.c b/lib/libcrypto/x509/x509_txt.c index 129757494ca..8485aeb5d10 100644 --- a/lib/libcrypto/x509/x509_txt.c +++ b/lib/libcrypto/x509/x509_txt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_txt.c,v 1.21 2022/11/14 17:48:50 beck Exp $ */ +/* $OpenBSD: x509_txt.c,v 1.22 2022/11/29 07:03:40 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -70,8 +70,6 @@ const char * X509_verify_cert_error_string(long n) { - static char buf[100]; - switch ((int)n) { case X509_V_OK: return("ok"); @@ -199,8 +197,7 @@ X509_verify_cert_error_string(long n) return("CA signature digest algorithm too weak"); default: - (void) snprintf(buf, sizeof buf, "error number %ld", n); - return(buf); + return("Unknown certificate verification error"); } } LCRYPTO_ALIAS(X509_verify_cert_error_string) -- 2.20.1