Recent and not so recent changes from 0.9.7-stable, all conflicts resolved.

author: Richard Levitte <levitte@openssl.org> 2004-01-19 08:53:02 +0000
committer: Richard Levitte <levitte@openssl.org> 2004-01-19 08:53:02 +0000
commit: 8b79f2051d831eb7cb51205b27661d43e3cf3f5e (patch)
tree: fca871353fec9cdc5c0c644580a7007d1f67ca26 /apps
parent: 799562704032021e111a998c0a2e286e7b405a28 (diff)
12 files changed, 78 insertions, 67 deletions
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
index 90e71dee76..7068286204 100644
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -121,7 +121,7 @@ tags:
 tests:
 
 links:
-	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@sh $(TOP)/util/point.sh Makefile.ssl Makefile
 
 lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff
diff --git a/apps/apps.c b/apps/apps.c
index 2a7c7f25a2..cfb7539a49 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1385,14 +1385,16 @@ int load_config(BIO *err, CONF *cnf)
 char *make_config_name()
 	{
 	const char *t=X509_get_default_cert_area();
+	size_t len;
 	char *p;
 
-	p=OPENSSL_malloc(strlen(t)+strlen(OPENSSL_CONF)+2);
-	strcpy(p,t);
+	len=strlen(t)+strlen(OPENSSL_CONF)+2;
+	p=OPENSSL_malloc(len);
+	BUF_strlcpy(p,t,len);
 #ifndef OPENSSL_SYS_VMS
-	strcat(p,"/");
+	BUF_strlcat(p,"/",len);
 #endif
-	strcat(p,OPENSSL_CONF);
+	BUF_strlcat(p,OPENSSL_CONF,len);
 
 	return p;
 	}
diff --git a/apps/ca.c b/apps/ca.c
index b5a08be246..f4299c3280 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -569,16 +569,19 @@ bad:
 	if (configfile == NULL)
 		{
 		const char *s=X509_get_default_cert_area();
+		size_t len;
 
 #ifdef OPENSSL_SYS_VMS
-		tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE));
+		len = strlen(s)+sizeof(CONFIG_FILE);
+		tofree=OPENSSL_malloc(len);
 		strcpy(tofree,s);
 #else
-		tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE)+1);
-		strcpy(tofree,s);
-		strcat(tofree,"/");
+		len = strlen(s)+sizeof(CONFIG_FILE)+1;
+		tofree=OPENSSL_malloc(len);
+		BUF_strlcpy(tofree,s,len);
+		BUF_strlcat(tofree,"/",len);
 #endif
-		strcat(tofree,CONFIG_FILE);
+		BUF_strlcat(tofree,CONFIG_FILE,len);
 		configfile=tofree;
 		}
 
@@ -1302,7 +1305,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[0],"-new");
 #else
-			strcat(buf[0],".new");
+			BUF_strlcat(buf[0],".new",sizeof(buf[0]));
 #endif
 
 			if (!save_serial(buf[0],serial)) goto err;
@@ -1312,7 +1315,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[1],"-new");
 #else
-			strcat(buf[1],".new");
+			BUF_strlcat(buf[1],".new",sizeof(buf[1]));
 #endif
 
 			if (BIO_write_filename(out,buf[1]) <= 0)
@@ -1330,7 +1333,7 @@ bad:
 		for (i=0; i<sk_X509_num(cert_sk); i++)
 			{
 			int k;
-			unsigned char *n;
+			char *n;
 
 			x=sk_X509_value(cert_sk,i);
 
@@ -1346,15 +1349,19 @@ bad:
 			strcpy(buf[2],outdir);
 
 #ifndef OPENSSL_SYS_VMS
-			strcat(buf[2],"/");
+			BUF_strlcat(buf[2],"/",sizeof(buf[2]));
 #endif
 
-			n=(unsigned char *)&(buf[2][strlen(buf[2])]);
+			n=(char *)&(buf[2][strlen(buf[2])]);
 			if (j > 0)
 				{
 				for (k=0; k<j; k++)
 					{
-					sprintf((char *)n,"%02X",(unsigned char)*(p++));
+					if (n >= &(buf[2][sizeof(buf[2])]))
+						break;
+					BIO_snprintf(n,
+						     &buf[2][0] + sizeof(buf[2]) - n,
+						     "%02X",(unsigned char)*(p++));
 					n+=2;
 					}
 				}
@@ -1386,7 +1393,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[2],"-old");
 #else
-			strcat(buf[2],".old");
+			BUF_strlcat(buf[2],".old",sizeof(buf[2]));
 #endif
 
 			BIO_free(in);
@@ -1415,7 +1422,7 @@ bad:
 #ifdef OPENSSL_SYS_VMS
 			strcat(buf[2],"-old");
 #else
-			strcat(buf[2],".old");
+			BUF_strlcat(buf[2],".old",sizeof(buf[2]));
 #endif
 
 			if (rename(dbfile,buf[2]) < 0)
@@ -1585,7 +1592,7 @@ bad:
 
 			strcpy(buf[0],dbfile);
 #ifndef OPENSSL_SYS_VMS
-			strcat(buf[0],".new");
+			BUF_strlcat(buf[0],".new",sizeof(buf[0]));
 #else
 			strcat(buf[0],"-new");
 #endif
@@ -1604,7 +1611,7 @@ bad:
 			strncpy(buf[1],dbfile,BSIZE-4);
 			buf[1][BSIZE-4]='\0';
 #ifndef OPENSSL_SYS_VMS
-			strcat(buf[1],".old");
+			BUF_strlcat(buf[1],".old",sizeof(buf[1]));
 #else
 			strcat(buf[1],"-old");
 #endif
@@ -2342,7 +2349,7 @@ again2:
 		BIO_printf(bio_err,"Memory allocation failure\n");
 		goto err;
 		}
-	strcpy(row[DB_file],"unknown");
+	BUF_strlcpy(row[DB_file],"unknown",8);
 	row[DB_type][0]='V';
 	row[DB_type][1]='\0';
 
@@ -2643,7 +2650,7 @@ static int do_revoke(X509 *x509, TXT_DB *db, int type, char *value)
 			BIO_printf(bio_err,"Memory allocation failure\n");
 			goto err;
 			}
-		strcpy(row[DB_file],"unknown");
+		BUF_strlcpy(row[DB_file],"unknown",8);
 		row[DB_type][0]='V';
 		row[DB_type][1]='\0';
 
@@ -2967,16 +2974,16 @@ char *make_revocation_str(int rev_type, char *rev_arg)
 
 	if (!str) return NULL;
 
-	strcpy(str, (char *)revtm->data);
+	BUF_strlcpy(str, (char *)revtm->data, i);
 	if (reason)
 		{
-		strcat(str, ",");
-		strcat(str, reason);
+		BUF_strlcat(str, ",", i);
+		BUF_strlcat(str, reason, i);
 		}
 	if (other)
 		{
-		strcat(str, ",");
-		strcat(str, other);
+		BUF_strlcat(str, ",", i);
+		BUF_strlcat(str, other, i);
 		}
 	ASN1_UTCTIME_free(revtm);
 	return str;
diff --git a/apps/dgst.c b/apps/dgst.c
index 47d1309b14..be25dafef7 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -347,8 +347,9 @@ int MAIN(int argc, char **argv)
 				}
 			if(!out_bin)
 				{
-				tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
-				sprintf(tmp,"%s(%s)= ",name,argv[i]);
+				size_t len = strlen(name)+strlen(argv[i])+5;
+				tmp=tofree=OPENSSL_malloc(len);
+				BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
 				}
 			else
 				tmp="";
diff --git a/apps/enc.c b/apps/enc.c
index 0a9f7310bf..30378a9542 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -373,9 +373,9 @@ bad:
 			{
 			char buf[200];
 
-			sprintf(buf,"enter %s %s password:",
-				OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
-				(enc)?"encryption":"decryption");
+			BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
+				     OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+				     (enc)?"encryption":"decryption");
 			strbuf[0]='\0';
 			i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
 			if (i == 0)
diff --git a/apps/engine.c b/apps/engine.c
index c3e1e8de1c..12283d0aed 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -122,8 +122,8 @@ static int append_buf(char **buf, const char *s, int *size, int step)
 		return 0;
 
 	if (**buf != '\0')
-		strcat(*buf, ", ");
-	strcat(*buf, s);
+		BUF_strlcat(*buf, ", ", *size);
+	BUF_strlcat(*buf, s, *size);
 
 	return 1;
 	}
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 5136acdc57..71192bdf74 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -557,7 +557,7 @@ int MAIN(int argc, char **argv)
 	    BIO_printf (bio_err, "Can't read Password\n");
 	    goto export_end;
         }
-	if (!twopass) strcpy(macpass, pass);
+	if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
 	/* Turn certbags into encrypted authsafe */
 	authsafe = PKCS12_pack_p7encdata(cert_pbe, cpass, -1, NULL, 0,
 								 iter, bags);
@@ -658,7 +658,7 @@ int MAIN(int argc, char **argv)
     CRYPTO_pop_info();
 #endif
 
-    if (!twopass) strcpy(macpass, pass);
+    if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass);
 
     if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
     if(macver) {
diff --git a/apps/req.c b/apps/req.c
index a657eaa50b..1a3d1d0dfa 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1223,34 +1223,34 @@ start:		for (;;)
 				}
 			/* If OBJ not recognised ignore it */
 			if ((nid=OBJ_txt2nid(type)) == NID_undef) goto start;
-
-			if(strlen(v->name) > sizeof buf-9)
+			if (BIO_snprintf(buf,sizeof buf,"%s_default",v->name)
+				>= sizeof buf)
 			   {
 			   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
 			   return 0;
 			   }
 
-			sprintf(buf,"%s_default",v->name);
 			if ((def=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
 				{
 				ERR_clear_error();
 				def="";
 				}
-			sprintf(buf,"%s_value",v->name);
+				
+			BIO_snprintf(buf,sizeof buf,"%s_value",v->name);
 			if ((value=NCONF_get_string(req_conf,dn_sect,buf)) == NULL)
 				{
 				ERR_clear_error();
 				value=NULL;
 				}
 
-			sprintf(buf,"%s_min",v->name);
+			BIO_snprintf(buf,sizeof buf,"%s_min",v->name);
 			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min))
 				{
 				ERR_clear_error();
 				n_min = -1;
 				}
 
-			sprintf(buf,"%s_max",v->name);
+			BIO_snprintf(buf,sizeof buf,"%s_max",v->name);
 			if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max))
 				{
 				ERR_clear_error();
@@ -1288,13 +1288,13 @@ start2:			for (;;)
 				if ((nid=OBJ_txt2nid(type)) == NID_undef)
 					goto start2;
 
-				if(strlen(v->name) > sizeof buf-9)
+				if (BIO_snprintf(buf,sizeof buf,"%s_default",type)
+					>= sizeof buf)
 				   {
 				   BIO_printf(bio_err,"Name '%s' too long\n",v->name);
 				   return 0;
 				   }
 
-				sprintf(buf,"%s_default",type);
 				if ((def=NCONF_get_string(req_conf,attr_sect,buf))
 					== NULL)
 					{
@@ -1303,7 +1303,7 @@ start2:			for (;;)
 					}
 				
 				
-				sprintf(buf,"%s_value",type);
+				BIO_snprintf(buf,sizeof buf,"%s_value",type);
 				if ((value=NCONF_get_string(req_conf,attr_sect,buf))
 					== NULL)
 					{
@@ -1311,11 +1311,11 @@ start2:			for (;;)
 					value=NULL;
 					}
 
-				sprintf(buf,"%s_min",type);
+				BIO_snprintf(buf,sizeof buf,"%s_min",type);
 				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_min))
 					n_min = -1;
 
-				sprintf(buf,"%s_max",type);
+				BIO_snprintf(buf,sizeof buf,"%s_max",type);
 				if (!NCONF_get_number(req_conf,attr_sect,buf, &n_max))
 					n_max = -1;
 
@@ -1397,9 +1397,8 @@ start:
 	(void)BIO_flush(bio_err);
 	if(value != NULL)
 		{
-		OPENSSL_assert(strlen(value) < sizeof buf-2);
-		strcpy(buf,value);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,value,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		BIO_printf(bio_err,"%s\n",value);
 		}
 	else
@@ -1421,8 +1420,8 @@ start:
 		{
 		if ((def == NULL) || (def[0] == '\0'))
 			return(1);
-		strcpy(buf,def);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,def,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		}
 	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
 
@@ -1456,9 +1455,8 @@ start:
 	(void)BIO_flush(bio_err);
 	if (value != NULL)
 		{
-		OPENSSL_assert(strlen(value) < sizeof buf-2);
-		strcpy(buf,value);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,value,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		BIO_printf(bio_err,"%s\n",value);
 		}
 	else
@@ -1480,8 +1478,8 @@ start:
 		{
 		if ((def == NULL) || (def[0] == '\0'))
 			return(1);
-		strcpy(buf,def);
-		strcat(buf,"\n");
+		BUF_strlcpy(buf,def,sizeof buf);
+		BUF_strlcat(buf,"\n",sizeof buf);
 		}
 	else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
 
diff --git a/apps/s_socket.c b/apps/s_socket.c
index a88de6c8c8..1867890966 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -389,7 +389,7 @@ redoit:
 			perror("OPENSSL_malloc");
 			return(0);
 			}
-		strcpy(*host,h1->h_name);
+		BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
 
 		h2=GetHostByName(*host);
 		if (h2 == NULL)
diff --git a/apps/s_time.c b/apps/s_time.c
index 1ad16cd607..7d47057465 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -502,7 +502,7 @@ int MAIN(int argc, char **argv)
 
 		if (s_www_path != NULL)
 			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 			SSL_write(scon,buf,strlen(buf));
 			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
 				bytes_read+=i;
@@ -557,7 +557,7 @@ next:
 
 	if (s_www_path != NULL)
 		{
-		sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+		BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 		SSL_write(scon,buf,strlen(buf));
 		while (SSL_read(scon,buf,sizeof(buf)) > 0)
 			;
@@ -595,7 +595,7 @@ next:
 
 		if (s_www_path)
 			{
-			sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+			BIO_snprintf(buf,sizeof buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
 			SSL_write(scon,buf,strlen(buf));
 			while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
 				bytes_read+=i;
diff --git a/apps/speed.c b/apps/speed.c
index 18ce5c3fb6..2412200009 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -773,6 +773,7 @@ int MAIN(int argc, char **argv)
 			{
 			dsa_doit[R_DSA_512]=1;
 			dsa_doit[R_DSA_1024]=1;
+			dsa_doit[R_DSA_2048]=1;
 			}
 		else
 #endif
diff --git a/apps/x509.c b/apps/x509.c
index 2020b51de0..220fa3c938 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -1029,24 +1029,26 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
 	ASN1_INTEGER *bs = NULL, *bs2 = NULL;
 	BIO *io = NULL;
 	BIGNUM *serial = NULL;
+	size_t len;
 
-	buf=OPENSSL_malloc( ((serialfile == NULL)
-			?(strlen(CAfile)+strlen(POSTFIX)+1)
-			:(strlen(serialfile)))+1);
+	len = ((serialfile == NULL)
+		?(strlen(CAfile)+strlen(POSTFIX)+1)
+		:(strlen(serialfile)))+1;
+	buf=OPENSSL_malloc(len);
 	if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
 	if (serialfile == NULL)
 		{
-		strcpy(buf,CAfile);
+		BUF_strlcpy(buf,CAfile,len);
 		for (p=buf; *p; p++)
 			if (*p == '.')
 				{
 				*p='\0';
 				break;
 				}
-		strcat(buf,POSTFIX);
+		BUF_strlcat(buf,POSTFIX,len);
 		}
 	else
-		strcpy(buf,serialfile);
+		BUF_strlcpy(buf,serialfile,len);
 	serial=BN_new();
 	bs=ASN1_INTEGER_new();
 	if ((serial == NULL) || (bs == NULL))
author	Richard Levitte <levitte@openssl.org>	2004-01-19 08:53:02 +0000
committer	Richard Levitte <levitte@openssl.org>	2004-01-19 08:53:02 +0000
commit	8b79f2051d831eb7cb51205b27661d43e3cf3f5e (patch)
tree	fca871353fec9cdc5c0c644580a7007d1f67ca26 /apps
parent	799562704032021e111a998c0a2e286e7b405a28 (diff)