Many security improvements (CHATS) and a warning fix.

2002-11-12 13:23:40 +00:00
parent 707ceb29e0
commit 9831d941ca
111 changed files with 755 additions and 480 deletions
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -143,7 +143,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)

 	memset(&addr, 0, sizeof(addr));
 	addr.sun_family = AF_UNIX;
-	if (strlen(path) > sizeof(addr.sun_path))
+	if (strlen(path) >= sizeof(addr.sun_path))
 		return (-1);
 	strcpy(addr.sun_path,path);
 	len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -203,8 +203,9 @@ const char *RAND_file_name(char *buf, size_t size)
 		s=getenv("RANDFILE");
 	if (s != NULL)
 		{
-		strncpy(buf,s,size-1);
-		buf[size-1]='\0';
+		if(strlen(s) >= size)
+			return NULL;
+		strcpy(buf,s);
 		ret=buf;
 		}
 	else