Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated

3 files changed, 7 insertions, 0 deletions

diff --git a/crypto/des/des.c b/crypto/des/des.c
index a03ce161af..d8c846b23d 100644
--- a/crypto/des/des.c
+++ b/crypto/des/des.c
@@ -153,12 +153,14 @@ int main(int argc, char **argv)
 				case 'c':
 					cflag=1;
 					strncpy(cksumname,p,200);
+					cksumname[sizeof(cksumname)-1]='\0';
 					p+=strlen(cksumname);
 					break;
 				case 'C':
 					cflag=1;
 					longk=1;
 					strncpy(cksumname,p,200);
+					cksumname[sizeof(cksumname)-1]='\0';
 					p+=strlen(cksumname);
 					break;
 				case 'e':
@@ -190,6 +192,7 @@ int main(int argc, char **argv)
 				case 'u':
 					uflag=1;
 					strncpy(uuname,p,200);
+					uuname[sizeof(uuname)-1]='\0';
 					p+=strlen(uuname);
 					break;
 				case 'h':
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 9d9b0af8de..4271393069 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -71,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt)
 	if (prompt == NULL)
 		prompt_string[0]='\0';
 	else
+		{
 		strncpy(prompt_string,prompt,79);
+		prompt_string[79]='\0';
+		}
 	}
 
 char *EVP_get_pw_prompt(void)
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index f0271fdfa1..1e718f76eb 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -94,6 +94,7 @@ int i;
 		OPENSSL_free(b);
 		}
 	    strncpy(buf,"NO X509_NAME",len);
+	    buf[len-1]='\0';
 	    return buf;
 	    }