From e56c77b8ee964b233137eea15b067eed1b1b44ea Mon Sep 17 00:00:00 2001
From: Emilia Kasper <emilia@openssl.org>
Date: Thu, 17 Sep 2015 13:27:05 +0200
Subject: [PATCH] BUF_strndup: tidy

Fix comment, add another overflow check, tidy style

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit de8883e11befde31d9b6cfbbd1fc017c365e0bbf)
(cherry picked from commit f5afe9ce3f7ab8d2fef460054d1170427db0d02c)
---
 crypto/buffer/buf_str.c | 14 +++++++-------
 crypto/buffer/buffer.h  |  4 ++--
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/crypto/buffer/buf_str.c b/crypto/buffer/buf_str.c
index da1fea9c67..233af246e4 100644
--- a/crypto/buffer/buf_str.c
+++ b/crypto/buffer/buf_str.c
@@ -64,7 +64,7 @@
 char *BUF_strdup(const char *str)
 {
     if (str == NULL)
-        return (NULL);
+        return NULL;
     return BUF_strndup(str, strlen(str));
 }
 
@@ -73,15 +73,15 @@ char *BUF_strndup(const char *str, size_t siz)
     char *ret;
 
     if (str == NULL)
-        return (NULL);
+        return NULL;
 
     if (siz >= INT_MAX)
-        return (NULL);
+        return NULL;
 
     ret = OPENSSL_malloc(siz + 1);
     if (ret == NULL) {
         BUFerr(BUF_F_BUF_STRNDUP, ERR_R_MALLOC_FAILURE);
-        return (NULL);
+        return NULL;
     }
 
     memcpy(ret, str, siz);
@@ -94,13 +94,13 @@ void *BUF_memdup(const void *data, size_t siz)
 {
     void *ret;
 
-    if (data == NULL)
-        return (NULL);
+    if (data == NULL || siz >= INT_MAX)
+        return NULL;
 
     ret = OPENSSL_malloc(siz);
     if (ret == NULL) {
         BUFerr(BUF_F_BUF_MEMDUP, ERR_R_MALLOC_FAILURE);
-        return (NULL);
+        return NULL;
     }
     return memcpy(ret, data, siz);
 }
diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
index 0958b454be..89183adb4a 100644
--- a/crypto/buffer/buffer.h
+++ b/crypto/buffer/buffer.h
@@ -87,8 +87,8 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
 char *BUF_strdup(const char *str);
 
 /*
- * Returns a pointer to a new string which is a duplicate of the string |str|,
- * but guarantees to never read past the first |siz| bytes of |str|.
+ * Like strndup, but in addition, explicitly guarantees to never read past the
+ * first |siz| bytes of |str|.
  */
 char *BUF_strndup(const char *str, size_t siz);
 
-- 
2.34.1