Fix potential buffer overrun for EBCDIC.
authorUlf Möller <ulf@openssl.org>
Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)
committerUlf Möller <ulf@openssl.org>
Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)
CHANGES
crypto/x509v3/v3_prn.c

diff --git a/CHANGES b/CHANGES
index f817e93..e3f2653 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,9 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Fix potential buffer overrun for EBCDIC.
+     [Ulf Moeller]
+
   *) New function OCSP_copy_nonce() to copy nonce value (if present) from
      request to response.
      [Steve Henson]
index 62ec1f1..8a7659e 100644 (file)
@@ -87,9 +87,16 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
                else BIO_printf(out, "%s:%s", nval->name, nval->value);
 #else
                else {
-                       char tmp[10240]; /* 10k is BIO_printf's limit anyway */
-                       ascii2ebcdic(tmp, nval->value, strlen(nval->value)+1);
-                       BIO_printf(out, "%s:%s", nval->name, tmp);
+                       int len;
+                       char *tmp;
+                       len = strlen(nval->value)+1;
+                       tmp = OPENSSL_malloc(len);
+                       if (tmp)
+                       {
+                               ascii2ebcdic(tmp, nval->value, len);
+                               BIO_printf(out, "%s:%s", nval->name, tmp);
+                               OPENSSL_free(tmp);
+                       }
                }
 #endif
                if(ml) BIO_puts(out, "\n");
@@ -123,9 +130,16 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde
                BIO_printf(out, "%*s%s", indent, "", value);
 #else
                {
-                       char tmp[10240]; /* 10k is BIO_printf's limit anyway */
-                       ascii2ebcdic(tmp, value, strlen(value)+1);
-                       BIO_printf(out, "%*s%s", indent, "", tmp);
+                       int len;
+                       char *tmp;
+                       len = strlen(value)+1;
+                       tmp = OPENSSL_malloc(len);
+                       if (tmp)
+                       {
+                               ascii2ebcdic(tmp, value, len);
+                               BIO_printf(out, "%*s%s", indent, "", tmp);
+                               OPENSSL_free(tmp);
+                       }
                }
 #endif
        } else if(method->i2v) {