#include <openssl/ui.h>
#include <openssl/err.h>
#include "ui_locl.h"
+#include "cryptlib.h"
IMPLEMENT_STACK_OF(UI_STRING_ST)
{
UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,ERR_R_PASSED_NULL_PARAMETER);
}
- else if (result_buf == NULL)
+ else if ((type == UIT_PROMPT || type == UIT_VERIFY
+ || type == UIT_BOOLEAN) && result_buf == NULL)
{
UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER);
}
return ret;
}
-/* Returns the index to the place in the stack or 0 for error. Uses a
+/* Returns the index to the place in the stack or -1 for error. Uses a
direct reference to the prompt. */
int UI_add_input_string(UI *ui, const char *prompt, int flags,
char *result_buf, int minsize, int maxsize)
len += sizeof(prompt3) - 1;
prompt = (char *)OPENSSL_malloc(len + 1);
- strcpy(prompt, prompt1);
- strcat(prompt, object_desc);
+ BUF_strlcpy(prompt, prompt1, len + 1);
+ BUF_strlcat(prompt, object_desc, len + 1);
if (object_name)
{
- strcat(prompt, prompt2);
- strcat(prompt, object_name);
+ BUF_strlcat(prompt, prompt2, len + 1);
+ BUF_strlcat(prompt, object_name, len + 1);
}
- strcat(prompt, prompt3);
+ BUF_strlcat(prompt, prompt3, len + 1);
}
return prompt;
}
case UIT_PROMPT:
case UIT_VERIFY:
{
- char number1[20];
- char number2[20];
+ char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize)+1];
+ char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize)+1];
BIO_snprintf(number1, sizeof(number1), "%d",
uis->_.string_data.result_minsize);
return -1;
}
- strcpy(uis->result_buf, result);
+ BUF_strlcpy(uis->result_buf, result,
+ uis->_.string_data.result_maxsize + 1);
break;
case UIT_BOOLEAN:
{