Increase internal security when using strncpy, by making sure the resulting string...
authorRichard Levitte <levitte@openssl.org>
Thu, 28 Feb 2002 12:42:19 +0000 (12:42 +0000)
committerRichard Levitte <levitte@openssl.org>
Thu, 28 Feb 2002 12:42:19 +0000 (12:42 +0000)
STATUS
apps/ca.c
crypto/des/des.c
crypto/evp/evp_key.c
crypto/x509/x509_obj.c
ssl/kssl.c

diff --git a/STATUS b/STATUS
index 67ecd83a9820d9009c3fb20a468e18160753bd69..542174cdf2d09f387c76c543cc41643263610877 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,6 +1,6 @@
 
   OpenSSL STATUS                           Last modified at
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/02/21 17:23:04 $
+  ______________                           $Date: 2002/02/28 12:42:00 $
 
   DEVELOPMENT STATE
 
 
   DEVELOPMENT STATE
 
@@ -63,9 +63,6 @@
 
     o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
 
 
     o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
 
-    o  Whenever strncpy is used, make sure the resulting string is NULL-terminated
-       or an error is reported
-
     o  "OpenSSL STATUS" is never up-to-date.
 
   OPEN ISSUES
     o  "OpenSSL STATUS" is never up-to-date.
 
   OPEN ISSUES
index 182c29e8c631c54cb1ea084f2fea44549c8919c9..f368d39b97c76466e4966760b05a63f504999666 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -571,6 +571,7 @@ bad:
 #else
                strncpy(buf[0],X509_get_default_cert_area(),
                        sizeof(buf[0])-2-sizeof(CONFIG_FILE));
 #else
                strncpy(buf[0],X509_get_default_cert_area(),
                        sizeof(buf[0])-2-sizeof(CONFIG_FILE));
+               buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0';
                strcat(buf[0],"/");
 #endif
                strcat(buf[0],CONFIG_FILE);
                strcat(buf[0],"/");
 #endif
                strcat(buf[0],CONFIG_FILE);
@@ -1277,6 +1278,7 @@ bad:
                        BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
 
                        strncpy(buf[0],serialfile,BSIZE-4);
                        BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
 
                        strncpy(buf[0],serialfile,BSIZE-4);
+                       buf[0][BSIZE-4]='\0';
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[0],"-new");
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[0],"-new");
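Review bot: The terminator at `buf[0][BSIZE-4]` leaves room for only three more characters plus the NUL, but the `strcat` that follows appends a four-character suffix (`"-new"` here). If each `buf` row is BSIZE bytes (the declaration is outside the hunk, so this is inferred), a `serialfile` of BSIZE-4 characters or more puts the final NUL one byte past the row. Copying at most `BSIZE-5` and terminating at `buf[0][BSIZE-5]` keeps the suffix and its NUL inside the buffer. The same pattern appears in the hunks at new lines 1289, 1358, 1387, 1560 and 1575, with `"-new"`, `"-old"`, `".new"` and `".old"`. The path is also truncated silently, whereas the removed STATUS item asked for termination or a reported error.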
@@ -1287,6 +1289,7 @@ bad:
                        if (!save_serial(buf[0],serial)) goto err;
 
                        strncpy(buf[1],dbfile,BSIZE-4);
                        if (!save_serial(buf[0],serial)) goto err;
 
                        strncpy(buf[1],dbfile,BSIZE-4);
+                       buf[1][BSIZE-4]='\0';
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[1],"-new");
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[1],"-new");
@@ -1317,6 +1320,7 @@ bad:
                        p=(char *)x->cert_info->serialNumber->data;
                        
                        strncpy(buf[2],outdir,BSIZE-(j*2)-6);
                        p=(char *)x->cert_info->serialNumber->data;
                        
                        strncpy(buf[2],outdir,BSIZE-(j*2)-6);
+                       buf[2][BSIZE-(j*2)-6]='\0';
 
 #ifndef OPENSSL_SYS_VMS
                        strcat(buf[2],"/");
 
 #ifndef OPENSSL_SYS_VMS
                        strcat(buf[2],"/");
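Review bot: The expression `BSIZE-(j*2)-6` is used as both the `strncpy` count and the index of the new terminator in `buf[2]`, and nothing in the hunk checks that it is non-negative. `j` is assigned outside this hunk; if it is the serial-number length, as the `serialNumber->data` line above suggests, a long enough serial makes the expression negative. The count then converts to a very large size and the added store lands before the start of the row. A guard ahead of the copy, something like `if (j*2+6 >= BSIZE) goto err;`, would close this. The enclosing block starts and ends outside the hunk.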
@@ -1354,6 +1358,7 @@ bad:
                        {
                        /* Rename the database and the serial file */
                        strncpy(buf[2],serialfile,BSIZE-4);
                        {
                        /* Rename the database and the serial file */
                        strncpy(buf[2],serialfile,BSIZE-4);
+                       buf[2][BSIZE-4]='\0';
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[2],"-old");
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[2],"-old");
@@ -1382,6 +1387,7 @@ bad:
                                }
 
                        strncpy(buf[2],dbfile,BSIZE-4);
                                }
 
                        strncpy(buf[2],dbfile,BSIZE-4);
+                       buf[2][BSIZE-4]='\0';
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[2],"-old");
 
 #ifdef OPENSSL_SYS_VMS
                        strcat(buf[2],"-old");
@@ -1554,6 +1560,7 @@ bad:
                        X509_free(revcert);
 
                        strncpy(buf[0],dbfile,BSIZE-4);
                        X509_free(revcert);
 
                        strncpy(buf[0],dbfile,BSIZE-4);
+                       buf[0][BSIZE-4]='\0';
 #ifndef OPENSSL_SYS_VMS
                        strcat(buf[0],".new");
 #else
 #ifndef OPENSSL_SYS_VMS
                        strcat(buf[0],".new");
 #else
@@ -1568,6 +1575,7 @@ bad:
                        j=TXT_DB_write(out,db);
                        if (j <= 0) goto err;
                        strncpy(buf[1],dbfile,BSIZE-4);
                        j=TXT_DB_write(out,db);
                        if (j <= 0) goto err;
                        strncpy(buf[1],dbfile,BSIZE-4);
+                       buf[1][BSIZE-4]='\0';
 #ifndef OPENSSL_SYS_VMS
                        strcat(buf[1],".old");
 #else
 #ifndef OPENSSL_SYS_VMS
                        strcat(buf[1],".old");
 #else
index a03ce161af8c57f60bc1eed2b19eeb6e5a32aa80..d8c846b23dba6efc508fb6ca311b2de40e955c72 100644 (file)
@@ -153,12 +153,14 @@ int main(int argc, char **argv)
                                case 'c':
                                        cflag=1;
                                        strncpy(cksumname,p,200);
                                case 'c':
                                        cflag=1;
                                        strncpy(cksumname,p,200);
+                                       cksumname[sizeof(cksumname)-1]='\0';
                                        p+=strlen(cksumname);
                                        break;
                                case 'C':
                                        cflag=1;
                                        longk=1;
                                        strncpy(cksumname,p,200);
                                        p+=strlen(cksumname);
                                        break;
                                case 'C':
                                        cflag=1;
                                        longk=1;
                                        strncpy(cksumname,p,200);
+                                       cksumname[sizeof(cksumname)-1]='\0';
                                        p+=strlen(cksumname);
                                        break;
                                case 'e':
                                        p+=strlen(cksumname);
                                        break;
                                case 'e':
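Review bot: The copy count stays the literal `200` while the new terminator is placed with `sizeof(cksumname)-1`, so the two agree only if the array is exactly 200 bytes; its declaration is outside the hunk. Tying the count to the array as well, `strncpy(cksumname,p,sizeof(cksumname)-1);`, removes that dependency. This applies to both `cksumname` cases here, to `uuname` in the next hunk, and to the literal `79` used for `prompt_string` in `EVP_set_pw_prompt`. An over-long option argument is also truncated silently, which may deserve a diagnostic.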
@@ -190,6 +192,7 @@ int main(int argc, char **argv)
                                case 'u':
                                        uflag=1;
                                        strncpy(uuname,p,200);
                                case 'u':
                                        uflag=1;
                                        strncpy(uuname,p,200);
+                                       uuname[sizeof(uuname)-1]='\0';
                                        p+=strlen(uuname);
                                        break;
                                case 'h':
                                        p+=strlen(uuname);
                                        break;
                                case 'h':
index 9d9b0af8de986cd4accbe142d427ebae3f71aed5..4271393069d7f1359ed96d389ce958f402bec80f 100644 (file)
@@ -71,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt)
        if (prompt == NULL)
                prompt_string[0]='\0';
        else
        if (prompt == NULL)
                prompt_string[0]='\0';
        else
+               {
                strncpy(prompt_string,prompt,79);
                strncpy(prompt_string,prompt,79);
+               prompt_string[79]='\0';
+               }
        }
 
 char *EVP_get_pw_prompt(void)
        }
 
 char *EVP_get_pw_prompt(void)
index f0271fdfa148d3d3ba25741ba262512bb59d53a3..1e718f76eb2dd0b37582e22110f7b002db2512d9 100644 (file)
@@ -94,6 +94,7 @@ int i;
                OPENSSL_free(b);
                }
            strncpy(buf,"NO X509_NAME",len);
                OPENSSL_free(b);
                }
            strncpy(buf,"NO X509_NAME",len);
+           buf[len-1]='\0';
            return buf;
            }
 
            return buf;
            }
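Review bot: The added `buf[len-1]='\0'` writes one byte before `buf` when `len` is 0, a case where the `strncpy` above copies nothing and was harmless before this change. `len` is set outside the hunk, so whether callers can pass 0 or a negative value cannot be confirmed from here. Guarding the store, `if (len > 0) buf[len-1]='\0';`, or rejecting `len <= 0` on entry would make this branch safe. The enclosing function begins outside the hunk.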
 
index 49b749b05412b713145f7dfd169c214c5de015b7..edc108b3de9fe7bd5375ce6985e760988bdce93e 100644 (file)
@@ -1597,10 +1597,12 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
        else
                 {
                strncpy(*princ, entity->data, entity->length);
        else
                 {
                strncpy(*princ, entity->data, entity->length);
+               (*princ)[entity->length]='\0';
                if (realm)
                         {
                        strcat (*princ, "@");
                        (void) strncat(*princ, realm->data, realm->length);
                if (realm)
                         {
                        strcat (*princ, "@");
                        (void) strncat(*princ, realm->data, realm->length);
+                       (*princ)[entity->length+1+realm->length]='\0';
                        }
                }
 
                        }
                }
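Review bot: Both added stores rely on `*princ` having room for `entity->length + realm->length + 2` bytes, and the allocation is outside the hunk, so the bound cannot be checked here. A comment next to the copy stating that invariant would help, for example `/* *princ holds entity->length + realm->length + 2 bytes */` once confirmed against the allocation. The second store, at `entity->length+1+realm->length`, is redundant because `strncat` always writes a terminating NUL. It is also worth documenting that an embedded NUL in `entity->data` or `realm->data` silently shortens the principal name.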