Typo.

[openssl.git] / crypto / buffer / buffer.c

diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index 620ea8d5368a678c644696c0c7f650ea9ed8c085..a6b590c3b2b2e3add87de35d1ad413b50e40537b 100644 (file)
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -60,6 +60,11 @@
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 
+/* LIMIT_BEFORE_EXPANSION is the maximum n such that (n+3)/3*4 < 2**31. That
+ * function is applied in several functions in this file and this limit ensures
+ * that the result fits in an int. */
+#define LIMIT_BEFORE_EXPANSION 0x5ffffffc
+
 BUF_MEM *BUF_MEM_new(void)
        {
        BUF_MEM *ret;
@@ -105,6 +110,12 @@ int BUF_MEM_grow(BUF_MEM *str, size_t len)
                str->length=len;
                return(len);
                }
+       /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */
+       if (len > LIMIT_BEFORE_EXPANSION)
+               {
+               BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
+               return 0;
+               }
        n=(len+3)/3*4;
        if (str->data == NULL)
                ret=OPENSSL_malloc(n);
@@ -142,6 +153,12 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
                str->length=len;
                return(len);
                }
+       /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */
+       if (len > LIMIT_BEFORE_EXPANSION)
+               {
+               BUFerr(BUF_F_BUF_MEM_GROW_CLEAN,ERR_R_MALLOC_FAILURE);
+               return 0;
+               }
        n=(len+3)/3*4;
        if (str->data == NULL)
                ret=OPENSSL_malloc(n);
@@ -162,64 +179,6 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
        return(len);
        }
 
-char *BUF_strdup(const char *str)
-       {
-       if (str == NULL) return(NULL);
-       return BUF_strndup(str, strlen(str));
-       }
-
-char *BUF_strndup(const char *str, size_t siz)
-       {
-       char *ret;
-
-       if (str == NULL) return(NULL);
-
-       ret=OPENSSL_malloc(siz+1);
-       if (ret == NULL) 
-               {
-               BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE);
-               return(NULL);
-               }
-       BUF_strlcpy(ret,str,siz+1);
-       return(ret);
-       }
-
-void *BUF_memdup(const void *data, size_t siz)
-       {
-       void *ret;
-
-       if (data == NULL) return(NULL);
-
-       ret=OPENSSL_malloc(siz);
-       if (ret == NULL) 
-               {
-               BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE);
-               return(NULL);
-               }
-       return memcpy(ret, data, siz);
-       }       
-
-size_t BUF_strlcpy(char *dst, const char *src, size_t size)
-       {
-       size_t l = 0;
-       for(; size > 1 && *src; size--)
-               {
-               *dst++ = *src++;
-               l++;
-               }
-       if (size)
-               *dst = '\0';
-       return l + strlen(src);
-       }
-
-size_t BUF_strlcat(char *dst, const char *src, size_t size)
-       {
-       size_t l = 0;
-       for(; size > 0 && *dst; size--, dst++)
-               l++;
-       return l + BUF_strlcpy(dst, src, size);
-       }
-
 void BUF_reverse(unsigned char *out, unsigned char *in, size_t size)
        {
        size_t i;
@@ -227,7 +186,7 @@ void BUF_reverse(unsigned char *out, unsigned char *in, size_t size)
                {
                out += size - 1;
                for (i = 0; i < size; i++)
-                       *in++ = *out--;
+                       *out-- = *in++;
                }
        else
                {