X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fui%2Fui_lib.c;h=7ab249c3be320acd30f5e778c26cb7f98a212a11;hp=16946cad95b0e4649715027fa29d821df2b529e2;hb=3247812e3489d96a24d457027dd092b963f9b26a;hpb=79aa04ef27f69a1149d4d0e72d2d2953b6241ef0

diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 16946cad95..7ab249c3be 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -57,6 +57,7 @@
  */
 
 #include <string.h>
+#include "cryptlib.h"
 #include <openssl/e_os2.h>
 #include <openssl/buffer.h>
 #include <openssl/ui.h>
@@ -144,7 +145,8 @@ static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt,
 		{
 		UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,ERR_R_PASSED_NULL_PARAMETER);
 		}
-	else if (result_buf == NULL)
+	else if ((type == UIT_PROMPT || type == UIT_VERIFY
+			 || type == UIT_BOOLEAN) && result_buf == NULL)
 		{
 		UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER);
 		}
@@ -235,7 +237,7 @@ static int general_allocate_boolean(UI *ui,
 	return ret;
 	}
 
-/* Returns the index to the place in the stack or 0 for error.  Uses a
+/* Returns the index to the place in the stack or -1 for error.  Uses a
    direct reference to the prompt.  */
 int UI_add_input_string(UI *ui, const char *prompt, int flags,
 	char *result_buf, int minsize, int maxsize)
@@ -428,14 +430,14 @@ char *UI_construct_prompt(UI *ui, const char *object_desc,
 		len += sizeof(prompt3) - 1;
 
 		prompt = (char *)OPENSSL_malloc(len + 1);
-		strcpy(prompt, prompt1);
-		strcat(prompt, object_desc);
+		BUF_strlcpy(prompt, prompt1, len + 1);
+		BUF_strlcat(prompt, object_desc, len + 1);
 		if (object_name)
 			{
-			strcat(prompt, prompt2);
-			strcat(prompt, object_name);
+			BUF_strlcat(prompt, prompt2, len + 1);
+			BUF_strlcat(prompt, object_name, len + 1);
 			}
-		strcat(prompt, prompt3);
+		BUF_strlcat(prompt, prompt3, len + 1);
 		}
 	return prompt;
 	}
@@ -543,7 +545,7 @@ int UI_process(UI *ui)
 	return ok;
 	}
 
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)())
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void))
 	{
 	if (ui == NULL)
 		{
@@ -618,8 +620,10 @@ UI_METHOD *UI_create_method(char *name)
 	UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
 
 	if (ui_method)
+		{
 		memset(ui_method, 0, sizeof(*ui_method));
-	ui_method->name = BUF_strdup(name);
+		ui_method->name = BUF_strdup(name);
+		}
 	return ui_method;
 	}
 
@@ -831,8 +835,8 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
 	case UIT_PROMPT:
 	case UIT_VERIFY:
 		{
-		char number1[20];
-		char number2[20];
+		char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize)+1];
+		char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize)+1];
 
 		BIO_snprintf(number1, sizeof(number1), "%d",
 			uis->_.string_data.result_minsize);
@@ -863,7 +867,8 @@ int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
 			return -1;
 			}
 
-		strcpy(uis->result_buf, result);
+		BUF_strlcpy(uis->result_buf, result,
+			    uis->_.string_data.result_maxsize + 1);
 		break;
 	case UIT_BOOLEAN:
 		{