From: Richard Levitte Date: Thu, 28 Feb 2002 12:42:19 +0000 (+0000) Subject: Increase internal security when using strncpy, by making sure the resulting string... X-Git-Tag: OpenSSL_0_9_6d~20^2~119 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=26414ee013170f2d8e42b1995dbb30c03e7ed16c Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated --- diff --git a/STATUS b/STATUS index 67ecd83a98..542174cdf2 100644 --- a/STATUS +++ b/STATUS @@ -1,6 +1,6 @@ OpenSSL STATUS Last modified at - ______________ $Date: 2002/02/21 17:23:04 $ + ______________ $Date: 2002/02/28 12:42:00 $ DEVELOPMENT STATE @@ -63,9 +63,6 @@ o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file - o Whenever strncpy is used, make sure the resulting string is NULL-terminated - or an error is reported - o "OpenSSL STATUS" is never up-to-date. OPEN ISSUES diff --git a/apps/ca.c b/apps/ca.c index 182c29e8c6..f368d39b97 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -571,6 +571,7 @@ bad: #else strncpy(buf[0],X509_get_default_cert_area(), sizeof(buf[0])-2-sizeof(CONFIG_FILE)); + buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0'; strcat(buf[0],"/"); #endif strcat(buf[0],CONFIG_FILE); @@ -1277,6 +1278,7 @@ bad: BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk)); strncpy(buf[0],serialfile,BSIZE-4); + buf[0][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[0],"-new"); @@ -1287,6 +1289,7 @@ bad: if (!save_serial(buf[0],serial)) goto err; strncpy(buf[1],dbfile,BSIZE-4); + buf[1][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[1],"-new"); @@ -1317,6 +1320,7 @@ bad: p=(char *)x->cert_info->serialNumber->data; strncpy(buf[2],outdir,BSIZE-(j*2)-6); + buf[2][BSIZE-(j*2)-6]='\0'; #ifndef OPENSSL_SYS_VMS strcat(buf[2],"/"); @@ -1354,6 +1358,7 @@ bad: { /* Rename the database and the serial file */ strncpy(buf[2],serialfile,BSIZE-4); + buf[2][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[2],"-old"); @@ -1382,6 +1387,7 @@ bad: } strncpy(buf[2],dbfile,BSIZE-4); + buf[2][BSIZE-4]='\0'; #ifdef OPENSSL_SYS_VMS strcat(buf[2],"-old"); @@ -1554,6 +1560,7 @@ bad: X509_free(revcert); strncpy(buf[0],dbfile,BSIZE-4); + buf[0][BSIZE-4]='\0'; #ifndef OPENSSL_SYS_VMS strcat(buf[0],".new"); #else @@ -1568,6 +1575,7 @@ bad: j=TXT_DB_write(out,db); if (j <= 0) goto err; strncpy(buf[1],dbfile,BSIZE-4); + buf[1][BSIZE-4]='\0'; #ifndef OPENSSL_SYS_VMS strcat(buf[1],".old"); #else diff --git a/crypto/des/des.c b/crypto/des/des.c index a03ce161af..d8c846b23d 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -153,12 +153,14 @@ int main(int argc, char **argv) case 'c': cflag=1; strncpy(cksumname,p,200); + cksumname[sizeof(cksumname)-1]='\0'; p+=strlen(cksumname); break; case 'C': cflag=1; longk=1; strncpy(cksumname,p,200); + cksumname[sizeof(cksumname)-1]='\0'; p+=strlen(cksumname); break; case 'e': @@ -190,6 +192,7 @@ int main(int argc, char **argv) case 'u': uflag=1; strncpy(uuname,p,200); + uuname[sizeof(uuname)-1]='\0'; p+=strlen(uuname); break; case 'h': diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 9d9b0af8de..4271393069 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -71,7 +71,10 @@ void EVP_set_pw_prompt(char *prompt) if (prompt == NULL) prompt_string[0]='\0'; else + { strncpy(prompt_string,prompt,79); + prompt_string[79]='\0'; + } } char *EVP_get_pw_prompt(void) diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c index f0271fdfa1..1e718f76eb 100644 --- a/crypto/x509/x509_obj.c +++ b/crypto/x509/x509_obj.c @@ -94,6 +94,7 @@ int i; OPENSSL_free(b); } strncpy(buf,"NO X509_NAME",len); + buf[len-1]='\0'; return buf; } diff --git a/ssl/kssl.c b/ssl/kssl.c index 49b749b054..edc108b3de 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -1597,10 +1597,12 @@ kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which, else { strncpy(*princ, entity->data, entity->length); + (*princ)[entity->length]='\0'; if (realm) { strcat (*princ, "@"); (void) strncat(*princ, realm->data, realm->length); + (*princ)[entity->length+1+realm->length]='\0'; } }