Fix wrong numbers being passed as string lengths

Signed-off-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 0b142f022e2c5072295e00ebc11c5b707a726d74)

diff --git a/apps/s_server.c b/apps/s_server.c
index 655ada0fe9a924b167702b078f93be1582688e21..d5d2492a26de1f0d21caceef1cf3b5afe48c1082 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2869,7 +2869,7 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
 
         /* else we have data */
         if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
-            ((www == 2) && (strncmp("GET /stats ", buf, 10) == 0))) {
+            ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
             char *p;
             X509 *peer;
             STACK_OF(SSL_CIPHER) *sk;

diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index aaec009f2266b6718e791eb40033485758255b7c..b71ae4841b4941decc6986bbb2b2067303c2e3dd 100644 (file)
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -359,7 +359,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
             arg->format = ASN1_GEN_FORMAT_UTF8;
         else if (!strncmp(vstart, "HEX", 3))
             arg->format = ASN1_GEN_FORMAT_HEX;
-        else if (!strncmp(vstart, "BITLIST", 3))
+        else if (!strncmp(vstart, "BITLIST", 7))
             arg->format = ASN1_GEN_FORMAT_BITLIST;
         else {
             ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);

diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index f6cd4b2b8caae68b97fe11bcb3c4f902472ddfba..a5d2da10bb72df1bc5e8396ba90e85bae4b55eef 100644 (file)
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -337,7 +337,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
                             goto end;
                     }
                 } else {
-                    if (BIO_write(bp, "BAD ENUMERATED", 11) <= 0)
+                    if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
                         goto end;
                 }
                 M_ASN1_ENUMERATED_free(bs);