diff options
author | Richard Levitte <levitte@openssl.org> | 2002-02-28 12:42:19 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2002-02-28 12:42:19 +0000 |
commit | 26414ee013170f2d8e42b1995dbb30c03e7ed16c (patch) | |
tree | 8c063e88267e1cc018fb3a71a74b35962249702f /apps | |
parent | 5c62f68e14f38101e2a1dd969b1d5f587a16bfdb (diff) |
Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated
Diffstat (limited to 'apps')
-rw-r--r-- | apps/ca.c | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -571,6 +571,7 @@ bad: #else strncpy(buf[0],X509_get_default_cert_area(), sizeof(buf[0])-2-sizeof(CONFIG_FILE)); + buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0'; strcat(buf[0],"/"); #endif strcat(buf[0],CONFIG_FILE); @@ -1277,6 +1278,7 @@ bad: BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk)); strncpy(buf[0],serialfile,BSIZE-4); + buf[0][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[0],"-new"); @@ -1287,6 +1289,7 @@ bad: if (!save_serial(buf[0],serial)) goto err; strncpy(buf[1],dbfile,BSIZE-4); + buf[1][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[1],"-new"); @@ -1317,6 +1320,7 @@ bad: p=(char *)x->cert_info->serialNumber->data; strncpy(buf[2],outdir,BSIZE-(j*2)-6); + buf[2][BSIZE-(j*2)-6]='\0'; #ifndef OPENSSL_SYS_VMS strcat(buf[2],"/"); @@ -1354,6 +1358,7 @@ bad: { /* Rename the database and the serial file */ strncpy(buf[2],serialfile,BSIZE-4); + buf[2][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[2],"-old"); @@ -1382,6 +1387,7 @@ bad: } strncpy(buf[2],dbfile,BSIZE-4); + buf[2][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[2],"-old"); @@ -1554,6 +1560,7 @@ bad: X509_free(revcert); strncpy(buf[0],dbfile,BSIZE-4); + buf[0][BSIZE-4]='\0'; #ifndef OPENSSL_SYS_VMS strcat(buf[0],".new"); #else @@ -1568,6 +1575,7 @@ bad: j=TXT_DB_write(out,db); if (j <= 0) goto err; strncpy(buf[1],dbfile,BSIZE-4); + buf[1][BSIZE-4]='\0'; #ifndef OPENSSL_SYS_VMS strcat(buf[1],".old"); #else |