diff options
| author | Rich Salz <rsalz@openssl.org> | 2017-06-14 20:34:37 -0400 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2017-07-05 11:32:35 +1000 |
| commit | 0904e79a6e6109240d5a552f2699408b26cf63ee (patch) | |
| tree | df0b4928a751b05779164cf7dd84265407bea332 /apps | |
| parent | ff281ee8369350d88e8b57af139614f5683e1e8c (diff) | |
| download | openssl-0904e79a6e6109240d5a552f2699408b26cf63ee.tar.gz | |
Undo commit d420ac2
[extended tests]
Original text:
Use BUF_strlcpy() instead of strcpy().
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3701)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/enc.c | 6 | ||||
| -rw-r--r-- | apps/engine.c | 4 | ||||
| -rw-r--r-- | apps/pkcs12.c | 2 | ||||
| -rw-r--r-- | apps/req.c | 36 | ||||
| -rw-r--r-- | apps/s_time.c | 13 | ||||
| -rw-r--r-- | apps/x509.c | 6 |
6 files changed, 33 insertions, 34 deletions
diff --git a/apps/enc.c b/apps/enc.c index d2000752f8..338307330a 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -312,9 +312,9 @@ int enc_main(int argc, char **argv) for (;;) { char prompt[200]; - BIO_snprintf(prompt, sizeof prompt, "enter %s %s password:", - OBJ_nid2ln(EVP_CIPHER_nid(cipher)), - (enc) ? "encryption" : "decryption"); + sprintf(prompt, "enter %s %s password:", + OBJ_nid2ln(EVP_CIPHER_nid(cipher)), + (enc) ? "encryption" : "decryption"); strbuf[0] = '\0'; i = EVP_read_pw_string((char *)strbuf, SIZE, prompt, enc); if (i == 0) { diff --git a/apps/engine.c b/apps/engine.c index 7724084255..61fb758b40 100644 --- a/apps/engine.c +++ b/apps/engine.c @@ -67,8 +67,8 @@ static int append_buf(char **buf, int *size, const char *s) } if (**buf != '\0') - OPENSSL_strlcat(*buf, ", ", *size); - OPENSSL_strlcat(*buf, s, *size); + strcat(*buf, ", "); + strcat(*buf, s); return 1; } diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 9449679cea..82d2bb972e 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -455,7 +455,7 @@ int pkcs12_main(int argc, char **argv) } if (!twopass) - OPENSSL_strlcpy(macpass, pass, sizeof macpass); + strcpy(macpass, pass); p12 = PKCS12_create(cpass, name, key, ucert, certs, key_pbe, cert_pbe, iter, -1, keytype); diff --git a/apps/req.c b/apps/req.c index 34d906566c..9b6c48d4c4 100644 --- a/apps/req.c +++ b/apps/req.c @@ -984,30 +984,30 @@ static int prompt_info(X509_REQ *req, /* If OBJ not recognised ignore it */ if ((nid = OBJ_txt2nid(type)) == NID_undef) goto start; - if (BIO_snprintf(buf, sizeof buf, "%s_default", v->name) - >= (int)sizeof(buf)) { + if (strlen(v->name) + sizeof("_default") > sizeof(buf)) { BIO_printf(bio_err, "Name '%s' too long\n", v->name); return 0; } + sprintf(buf, "%s_default", v->name); if ((def = NCONF_get_string(req_conf, dn_sect, buf)) == NULL) { ERR_clear_error(); def = ""; } - BIO_snprintf(buf, sizeof buf, "%s_value", v->name); + sprintf(buf, "%s_value", v->name); if ((value = NCONF_get_string(req_conf, dn_sect, buf)) == NULL) { ERR_clear_error(); value = NULL; } - BIO_snprintf(buf, sizeof buf, "%s_min", v->name); + sprintf(buf, "%s_min", v->name); if (!NCONF_get_number(req_conf, dn_sect, buf, &n_min)) { ERR_clear_error(); n_min = -1; } - BIO_snprintf(buf, sizeof buf, "%s_max", v->name); + sprintf(buf, "%s_max", v->name); if (!NCONF_get_number(req_conf, dn_sect, buf, &n_max)) { ERR_clear_error(); n_max = -1; @@ -1044,11 +1044,11 @@ static int prompt_info(X509_REQ *req, if ((nid = OBJ_txt2nid(type)) == NID_undef) goto start2; - if (BIO_snprintf(buf, sizeof buf, "%s_default", type) - >= (int)sizeof(buf)) { + if (strlen(type) + sizeof("_default") > sizeof(buf)) { BIO_printf(bio_err, "Name '%s' too long\n", v->name); return 0; } + sprintf(buf, "%s_default", type); if ((def = NCONF_get_string(req_conf, attr_sect, buf)) == NULL) { @@ -1056,20 +1056,20 @@ static int prompt_info(X509_REQ *req, def = ""; } - BIO_snprintf(buf, sizeof buf, "%s_value", type); + sprintf(buf, "%s_value", type); if ((value = NCONF_get_string(req_conf, attr_sect, buf)) == NULL) { ERR_clear_error(); value = NULL; } - BIO_snprintf(buf, sizeof buf, "%s_min", type); + sprintf(buf, "%s_min", type); if (!NCONF_get_number(req_conf, attr_sect, buf, &n_min)) { ERR_clear_error(); n_min = -1; } - BIO_snprintf(buf, sizeof buf, "%s_max", type); + sprintf(buf, "%s_max", type); if (!NCONF_get_number(req_conf, attr_sect, buf, &n_max)) { ERR_clear_error(); n_max = -1; @@ -1168,8 +1168,8 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def, BIO_printf(bio_err, "%s [%s]:", text, def); (void)BIO_flush(bio_err); if (value != NULL) { - OPENSSL_strlcpy(buf, value, sizeof buf); - OPENSSL_strlcat(buf, "\n", sizeof buf); + strcpy(buf, value); + strcat(buf, "\n"); BIO_printf(bio_err, "%s\n", value); } else { buf[0] = '\0'; @@ -1187,8 +1187,8 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def, if (buf[0] == '\n') { if ((def == NULL) || (def[0] == '\0')) return 1; - OPENSSL_strlcpy(buf, def, sizeof buf); - OPENSSL_strlcat(buf, "\n", sizeof buf); + strcpy(buf, def); + strcat(buf, "\n"); } else if ((buf[0] == '.') && (buf[1] == '\n')) { return 1; } @@ -1228,8 +1228,8 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def, BIO_printf(bio_err, "%s [%s]:", text, def); (void)BIO_flush(bio_err); if (value != NULL) { - OPENSSL_strlcpy(buf, value, sizeof buf); - OPENSSL_strlcat(buf, "\n", sizeof buf); + strcpy(buf, value); + strcat(buf, "\n"); BIO_printf(bio_err, "%s\n", value); } else { buf[0] = '\0'; @@ -1247,8 +1247,8 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def, if (buf[0] == '\n') { if ((def == NULL) || (def[0] == '\0')) return 1; - OPENSSL_strlcpy(buf, def, sizeof buf); - OPENSSL_strlcat(buf, "\n", sizeof buf); + strcpy(buf, def); + strcat(buf, "\n"); } else if ((buf[0] == '.') && (buf[1] == '\n')) { return 1; } diff --git a/apps/s_time.c b/apps/s_time.c index bae2524af5..c4f4037363 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -173,7 +173,7 @@ int s_time_main(int argc, char **argv) break; case OPT_WWW: www_path = opt_arg(); - buf_size = strlen(www_path) + sizeof(fmt_http_get_cmd) - 2; /* 2 is for %s */ + buf_size = strlen(www_path) + sizeof(fmt_http_get_cmd); if (buf_size > sizeof(buf)) { BIO_printf(bio_err, "%s: -www option is too long\n", prog); goto end; @@ -230,8 +230,8 @@ int s_time_main(int argc, char **argv) goto end; if (www_path != NULL) { - buf_len = BIO_snprintf(buf, sizeof buf, - fmt_http_get_cmd, www_path); + sprintf(buf, fmt_http_get_cmd, www_path); + buf_len = strlen(buf); if (SSL_write(scon, buf, buf_len) <= 0) goto end; while ((i = SSL_read(scon, buf, sizeof(buf))) > 0) @@ -288,8 +288,8 @@ int s_time_main(int argc, char **argv) } if (www_path != NULL) { - buf_len = BIO_snprintf(buf, sizeof buf, - fmt_http_get_cmd, www_path); + sprintf(buf, fmt_http_get_cmd, www_path); + buf_len = strlen(buf); if (SSL_write(scon, buf, buf_len) <= 0) goto end; while (SSL_read(scon, buf, sizeof(buf)) > 0) @@ -319,8 +319,7 @@ int s_time_main(int argc, char **argv) goto end; if (www_path != NULL) { - BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", - www_path); + sprintf(buf, "GET %s HTTP/1.0\r\n\r\n", www_path); if (SSL_write(scon, buf, strlen(buf)) <= 0) goto end; while ((i = SSL_read(scon, buf, sizeof(buf))) > 0) diff --git a/apps/x509.c b/apps/x509.c index 689d5a2465..484192bbf1 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -906,15 +906,15 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile, const char *serialfile : (strlen(serialfile))) + 1; buf = app_malloc(len, "serial# buffer"); if (serialfile == NULL) { - OPENSSL_strlcpy(buf, CAfile, len); + strcpy(buf, CAfile); for (p = buf; *p; p++) if (*p == '.') { *p = '\0'; break; } - OPENSSL_strlcat(buf, POSTFIX, len); + strcat(buf, POSTFIX); } else { - OPENSSL_strlcpy(buf, serialfile, len); + strcpy(buf, serialfile); } serial = load_serial(buf, create, NULL); |