[exim-cvs] gen_pkcs3: Terminate string before calling BH_hex…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Exim Git Commits Mailing List
Data:  
Para: exim-cvs
Asunto: [exim-cvs] gen_pkcs3: Terminate string before calling BH_hex2bn()
Gitweb: https://git.exim.org/exim.git/commitdiff/17218ac718eb00d616c131ad40f1875e43254d5c
Commit:     17218ac718eb00d616c131ad40f1875e43254d5c
Parent:     7411ebe05198d5365557b6c982b76ceb9e843894
Author:     Simon Arlott <sa.me.uk>
AuthorDate: Thu Sep 24 23:03:14 2020 +0100
Committer:  Heiko Schlittermann (HS12-RIPE) <hs@???>
CommitDate: Thu May 27 21:30:21 2021 +0200


    gen_pkcs3: Terminate string before calling BH_hex2bn()


    Signed-off-by: Phil Pennock <pdp@???>
    (cherry picked from commit 1cf66e5872d517b620c308af634e4e26e3547f06)
    (cherry picked from commit 48d8c54ecf9493c709d4305850877b6062f285a7)
---
 src/util/gen_pkcs3.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)


diff --git a/src/util/gen_pkcs3.c b/src/util/gen_pkcs3.c
index 6a467e0..5c4e429 100644
--- a/src/util/gen_pkcs3.c
+++ b/src/util/gen_pkcs3.c
@@ -54,7 +54,6 @@ void __attribute__((__noreturn__))
die_openssl_err(const char *msg)
{
char err_string[250];
- unsigned long e;

ERR_error_string_n(ERR_get_error(), err_string, sizeof(err_string));
die("%s: %s", msg, err_string);
@@ -71,9 +70,9 @@ bn_from_text(const char *text)
int rc;

   len = strlen(text);
-  spaceless = malloc(len);
+  spaceless = malloc(len + 1);
   if (!spaceless)
-    die("malloc(%zu) failed: %s", len, strerror(errno));
+    die("malloc(%zu) failed: %s", len + 1, strerror(errno));


   for (p = spaceless, q = text, end = text + len;
        q < end;
@@ -81,13 +80,15 @@ bn_from_text(const char *text)
     if (!isspace(*q))
       *p++ = *q;
   }
+  len = p - spaceless;
+  *p++ = '\0';


b = NULL;
rc = BN_hex2bn(&b, spaceless);

-  if (rc != p - spaceless)
+  if (rc != (int)len)
     die("BN_hex2bn did not convert entire input; took %d of %zu bytes",
-        rc, p - spaceless);
+        rc, len);


return b;
}