diff options
| author | Pauli <paul.dale@oracle.com> | 2017-07-06 14:56:20 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2017-07-07 15:45:55 +1000 |
| commit | a2371fa93365cc0bc0e46b9d65f3a47a074b1c30 (patch) | |
| tree | c4751256bc9a1e3d2b20bad3becd6b17aec2c9f4 /crypto/conf/conf_def.c | |
| parent | a7ff57965b81ce4fd73a18266ce29abf6b909fdb (diff) | |
Trivial bounds checking.
Bounds checking strpy, strcat and sprintf.
These are the remaining easy ones to cover a recently removed commit.
Some are trivial, some have been modified and a couple left as they are because the reverted change didn't bounds check properly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3871)
Diffstat (limited to 'crypto/conf/conf_def.c')
| -rw-r--r-- | crypto/conf/conf_def.c | 27 |
1 files changed, 13 insertions, 14 deletions
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 78acdec4f6..65eca6558b 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -317,13 +317,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) } if (psection == NULL) psection = section; - v->name = OPENSSL_malloc(strlen(pname) + 1); + v->name = OPENSSL_strdup(pname); v->value = NULL; if (v->name == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } - strcpy(v->name, pname); if (!str_copy(conf, psection, &(v->value), start)) goto err; @@ -347,13 +346,13 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) } BUF_MEM_free(buff); OPENSSL_free(section); - return (1); + return 1; err: BUF_MEM_free(buff); OPENSSL_free(section); if (line != NULL) *line = eline; - sprintf(btmp, "%ld", eline); + BIO_snprintf(btmp, sizeof(btmp), "%ld", eline); ERR_add_error_data(2, "line ", btmp); if (h != conf->data) { CONF_free(conf->data); @@ -364,7 +363,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) OPENSSL_free(v->value); OPENSSL_free(v); } - return (0); + return 0; } static void clear_comments(CONF *conf, char *p) @@ -411,7 +410,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) BUF_MEM *buf; if ((buf = BUF_MEM_new()) == NULL) - return (0); + return 0; len = strlen(from) + 1; if (!BUF_MEM_grow(buf, len)) @@ -551,17 +550,17 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) OPENSSL_free(*pto); *pto = buf->data; OPENSSL_free(buf); - return (1); + return 1; err: BUF_MEM_free(buf); - return (0); + return 0; } static char *eat_ws(CONF *conf, char *p) { while (IS_WS(conf, *p) && (!IS_EOF(conf, *p))) p++; - return (p); + return p; } static char *eat_alpha_numeric(CONF *conf, char *p) @@ -572,7 +571,7 @@ static char *eat_alpha_numeric(CONF *conf, char *p) continue; } if (!IS_ALPHA_NUMERIC_PUNCT(conf, *p)) - return (p); + return p; p++; } } @@ -586,13 +585,13 @@ static char *scan_quote(CONF *conf, char *p) if (IS_ESC(conf, *p)) { p++; if (IS_EOF(conf, *p)) - return (p); + return p; } p++; } if (*p == q) p++; - return (p); + return p; } static char *scan_dquote(CONF *conf, char *p) @@ -612,7 +611,7 @@ static char *scan_dquote(CONF *conf, char *p) } if (*p == q) p++; - return (p); + return p; } static void dump_value_doall_arg(const CONF_VALUE *a, BIO *out) |