From 3816be5d4a6a1f17dc4b7d398c42398c48e62e1a Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Wed, 28 Jun 2017 11:17:24 +0200
Subject: [PATCH] UI_UTIL_wrap_read_pem_callback: make sure to terminate the
 string received

The callback we're wrapping around may or may not return a
NUL-terminated string.  Let's ensure it is.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3791)
---
 crypto/ui/ui_util.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/ui/ui_util.c b/crypto/ui/ui_util.c
index 67b2ec2229..dbfeeccffb 100644
--- a/crypto/ui/ui_util.c
+++ b/crypto/ui/ui_util.c
@@ -104,7 +104,7 @@ static int ui_read(UI *ui, UI_STRING *uis)
     switch (UI_get_string_type(uis)) {
     case UIT_PROMPT:
         {
-            char result[PEM_BUFSIZE];
+            char result[PEM_BUFSIZE + 1];
             const struct pem_password_cb_data *data =
                 UI_method_get_ex_data(UI_get_method(ui), ui_method_data_index);
             int maxsize = UI_get_result_maxsize(uis);
@@ -112,6 +112,8 @@ static int ui_read(UI *ui, UI_STRING *uis)
                                maxsize > PEM_BUFSIZE ? PEM_BUFSIZE : maxsize,
                                data->rwflag, UI_get0_user_data(ui));
 
+            if (len >= 0)
+                result[len] = '\0';
             if (len <= 0)
                 return len;
             if (UI_set_result(ui, uis, result) >= 0)
-- 
2.34.1