Sanity check buffer length.

Reject zero length buffers passed to X509_NAME_onelne().

Issue reported by Guido Vranken.

Reviewed-by: Matt Caswell <matt@openssl.org>

diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index ac871b40294763b41062767eb8f299e82354b70d..920828373c175075a7cbaafa2fef91b08f91bfa6 100644 (file)
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -86,6 +86,8 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
             goto err;
         b->data[0] = '\0';
         len = 200;
+    } else if (len == 0) {
+        return NULL;
     }
     if (a == NULL) {
         if (b) {