openssl

History

Alessandro Ghedini 6905187488 Make BUF_strndup() read-safe on arbitrary inputs

BUF_strndup was calling strlen through BUF_strlcpy, and ended up reading
past the input if the input was not a C string.

Make it explicitly part of BUF_strndup's contract to never read more
than |siz| input bytes. This augments the standard strndup contract to
be safer.

The commit also adds a check for siz overflow and some brief documentation
for BUF_strndup().

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 110f7b37de9feecfb64950601cc7cec77cf6130b)
(cherry picked from commit f61216ba9d17430fb5eb3e2b202a209960b9d51b)

2015-09-22 20:09:38 +02:00

buf_err.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

buf_str.c

Make BUF_strndup() read-safe on arbitrary inputs

2015-09-22 20:09:38 +02:00

buffer.c

Replace memset with OPENSSL_cleanse()

2015-06-10 10:29:31 +01:00

buffer.h

Make BUF_strndup() read-safe on arbitrary inputs

2015-09-22 20:09:38 +02:00

Makefile

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00