From fe547197fae5bcefba6436bbe7d5442719d0f667 Mon Sep 17 00:00:00 2001 From: tedu Date: Wed, 14 Oct 2015 21:54:10 +0000 Subject: [PATCH] better fix for overrun reported by Qualys Security. buf is at all times kept nul terminated, so there is no need to enforce this again upon exit. (no need to move buf around after we exahust space.) ok beck miod --- lib/libcrypto/objects/obj_dat.c | 5 +---- lib/libssl/src/crypto/objects/obj_dat.c | 5 +---- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/lib/libcrypto/objects/obj_dat.c b/lib/libcrypto/objects/obj_dat.c index dd5d50122b9..627f3230a7c 100644 --- a/lib/libcrypto/objects/obj_dat.c +++ b/lib/libcrypto/objects/obj_dat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: obj_dat.c,v 1.34 2015/10/14 21:25:16 beck Exp $ */ +/* $OpenBSD: obj_dat.c,v 1.35 2015/10/14 21:54:10 tedu Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -580,7 +580,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) if (i == -1) goto err; if (i >= buf_len) { - buf += buf_len - 1; buf_len = 0; } else { buf += i; @@ -592,7 +591,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) if (i == -1) goto err; if (i >= buf_len) { - buf += buf_len - 1; buf_len = 0; } else { buf += i; @@ -609,7 +607,6 @@ out: err: ret = 0; - buf[0] = '\0'; goto out; } diff --git a/lib/libssl/src/crypto/objects/obj_dat.c b/lib/libssl/src/crypto/objects/obj_dat.c index dd5d50122b9..627f3230a7c 100644 --- a/lib/libssl/src/crypto/objects/obj_dat.c +++ b/lib/libssl/src/crypto/objects/obj_dat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: obj_dat.c,v 1.34 2015/10/14 21:25:16 beck Exp $ */ +/* $OpenBSD: obj_dat.c,v 1.35 2015/10/14 21:54:10 tedu Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -580,7 +580,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) if (i == -1) goto err; if (i >= buf_len) { - buf += buf_len - 1; buf_len = 0; } else { buf += i; @@ -592,7 +591,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) if (i == -1) goto err; if (i >= buf_len) { - buf += buf_len - 1; buf_len = 0; } else { buf += i; @@ -609,7 +607,6 @@ out: err: ret = 0; - buf[0] = '\0'; goto out; } -- 2.20.1