The params[0].data is set to a non-NULL value, but params[0].data_size
is always zero. This confuses get_string_internal, which creates 1 byte
string with uninitialized content.
When OSSL_PARAM_construct_utf8_string is used, the data_size is set
correctly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13699)
OSSL_STORE_LOADER_free(fetched_loader);
fetched_loader = NULL;
} else if (propq != NULL) {
- OSSL_PARAM params[] = {
- OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_PROPERTIES,
- NULL, 0),
- OSSL_PARAM_END
- };
+ OSSL_PARAM params[2];
+
+ params[0] = OSSL_PARAM_construct_utf8_string(
+ OSSL_STORE_PARAM_PROPERTIES, (char *)propq, 0);
+ params[1] = OSSL_PARAM_construct_end();
- params[0].data = (void *)propq;
if (!fetched_loader->p_set_ctx_params(loader_ctx, params)) {
(void)fetched_loader->p_close(loader_ctx);
OSSL_STORE_LOADER_free(fetched_loader);