From 230c691a5218f355a63ff12cd72ce99178378c64 Mon Sep 17 00:00:00 2001
From: Richard Levitte
Date: Sat, 21 May 2016 03:46:43 +0200
Subject: [PATCH 1/1] Fix fmtstr for BIO_printf() et al
- If we have a maximum amount of characters permitted to be printed (for example "%.2s", which allows for a maximum of 2 chars), we minimize the number of characters from the string to printed to that size.
- If there is space for padding and there is a maximum amount of characters to print (for example "%3.2s", which shall give at least a 1 space padding), the amount of characters to pad with gets added to the maximum so the minimum field size (3 in this example) gets filled out.
Reviewed-by: Matt Caswell
---
 crypto/bio/b_print.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index d52ad7cdf5..545c469810 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -10,7 +10,7 @@
 #include
 #include
 #include
-#include
+#include "internal/numbers.h"
 #include "internal/cryptlib.h"
 #ifndef NO_SYS_TYPES_H
 # include
@@ -385,28 +385,29 @@ fmtstr(char **sbuffer,
 if (value == 0)
 value = "";
- strln = strlen(value);
- if (strln > INT_MAX)
- strln = INT_MAX;
+ strln = OPENSSL_strnlen(value, max < 0 ? SIZE_MAX : (size_t)max);
 padlen = min - strln;
 if (min < 0 || padlen < 0)
 padlen = 0;
+ if (max >= 0)
+ max += padlen; /* The maximum output including padding */
 if (flags & DP_F_MINUS)
 padlen = -padlen;
- while ((padlen > 0) && (cnt < max)) {
+ while ((padlen > 0) && (max < 0 || cnt < max)) {
 if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 return 0;
 --padlen;
 ++cnt;
 }
- while (*value && (cnt < max)) {
+ while (strln > 0 && (max < 0 || cnt < max)) {
 if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
 return 0;
+ --strln;
 ++cnt;
 }
- while ((padlen < 0) && (cnt < max)) {
+ while ((padlen < 0) && (max < 0 || cnt < max)) {
 if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
 return 0;
 ++padlen;
-- 
2.34.1
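Review bot: The added `max += padlen;` is a signed `int` addition with no overflow guard, so a format whose field width and precision are both close to `INT_MAX` can overflow it; that is undefined behaviour and in practice may leave `max` negative, which the three loops below now read as "no limit". Since `padlen` is already clamped to be non-negative at that point, the sum can be saturated instead: `if (max >= 0) max = (max < INT_MAX - padlen) ? max + padlen : INT_MAX;`. The first hunk swaps a system include for `internal/numbers.h`, so confirm `INT_MAX` is still in scope after that change. Separately, with the old `INT_MAX` clamp on `strln` removed, `padlen = min - strln` depends on the length fitting in an `int` whenever `max < 0`; the declarations of `strln` and `padlen` are outside the hunk, so their types should be checked. The body of `fmtstr` begins before and continues past this hunk.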