Fix a small bug in str_copy: if more than one variable is replaced, make

sure the current length is used to calculate the new buffer length instead
of using the old length (prior to any variable substitution).

Submitted by: Nils Larsch

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 57d2739ae0c89feae8ea4518d6029a4721a55531..52a87aa76c5f0ad581f3da46a9f42e1109f12c55 100644 (file)
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -629,7 +629,7 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from)
                                CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
                                goto err;
                                }
-                       BUF_MEM_grow_clean(buf,(strlen(p)+len-(e-from)));
+                       BUF_MEM_grow_clean(buf,(strlen(p)+buf->length-(e-from)));
                        while (*p)
                                buf->data[to++]= *(p++);
                        from=e;