diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-04-04 12:44:43 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-04-04 13:09:05 +0100 |
| commit | e56334998c4fb7d0d7fc2d484faa37e8049d5967 (patch) | |
| tree | b34d4879a642b18b6301f8529f0059142b936970 /apps | |
| parent | 9ad5c5e4f9ea8ad948a391ae39b59d40138895c0 (diff) | |
Use correct length when prompting for password.
Use bufsiz - 1 not BUFSIZ - 1 when prompting for a password in
the openssl utility.
Thanks to Rob Mackinnon, Leviathan Security for reporting this issue.
(cherry picked from commit 7ba08a4d73c1bdfd3aced09a628b1d7d7747cdca)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/apps.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/apps.c b/apps/apps.c index f9fe9a2af1..ce8d9c9a7d 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -558,12 +558,12 @@ int password_callback(char *buf, int bufsiz, int verify, if (ok >= 0) ok = UI_add_input_string(ui,prompt,ui_flags,buf, - PW_MIN_LENGTH,BUFSIZ-1); + PW_MIN_LENGTH,bufsiz-1); if (ok >= 0 && verify) { buff = (char *)OPENSSL_malloc(bufsiz); ok = UI_add_verify_string(ui,prompt,ui_flags,buff, - PW_MIN_LENGTH,BUFSIZ-1, buf); + PW_MIN_LENGTH,bufsiz-1, buf); } if (ok >= 0) do |