author | 2014-04-18 13:38:31 +0000 | |
---|---|---|
committer | 2014-04-18 13:38:31 +0000 | |
commit | 1297a291c4cf71e11a01c38ced87848d0e516cc7 (patch) | |
tree | 89126c57f2934541565e6a9b2d3256a99be90efa | |
parent | If somebody else is already processing the RPC requests on a stream socket, (diff) | |
in CONF_get1_default_config_file(), don't calculate a buffer size,
malloc it, do unbounded strlcpy's to it... but instead use asprintf.
While there, let's put a '/' between the two path components! Wonder
how old that bug is..
ok guenther
-rw-r--r-- | lib/libcrypto/conf/conf_mod.c | 20 | ||||
-rw-r--r-- | lib/libssl/src/crypto/conf/conf_mod.c | 20 |
2 files changed, 10 insertions, 30 deletions
diff --git a/lib/libcrypto/conf/conf_mod.c b/lib/libcrypto/conf/conf_mod.c
index ca7b5e697a9..436f239b12e 100644
--- a/lib/libcrypto/conf/conf_mod.c
+++ b/lib/libcrypto/conf/conf_mod.c
@@ -543,27 +543,17 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
 /* Return default config file name */
-char *CONF_get1_default_config_file(void)
- {
+char *
+CONF_get1_default_config_file(void)
+{
 char *file;
- int len;
 file = getenv("OPENSSL_CONF");
 if (file)
 return BUF_strdup(file);
-
- len = strlen(X509_get_default_cert_area());
- len += strlen(OPENSSL_CONF);
-
- file = malloc(len + 1);
-
- if (!file)
- return NULL;
- BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
- BUF_strlcat(file,OPENSSL_CONF,len + 1);
-
+ asprintf(&file, "%s/openssl.cnf", X509_get_default_cert_area());
 return file;
- }
+}
 /* This function takes a list separated by 'sep' and calls the
 * callback function giving the start and length of each member
diff --git a/lib/libssl/src/crypto/conf/conf_mod.c b/lib/libssl/src/crypto/conf/conf_mod.c
index ca7b5e697a9..436f239b12e 100644
--- a/lib/libssl/src/crypto/conf/conf_mod.c
+++ b/lib/libssl/src/crypto/conf/conf_mod.c
@@ -543,27 +543,17 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
 /* Return default config file name */
-char *CONF_get1_default_config_file(void)
- {
+char *
+CONF_get1_default_config_file(void)
+{
 char *file;
- int len;
 file = getenv("OPENSSL_CONF");
 if (file)
 return BUF_strdup(file);
-
- len = strlen(X509_get_default_cert_area());
- len += strlen(OPENSSL_CONF);
-
- file = malloc(len + 1);
-
- if (!file)
- return NULL;
- BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
- BUF_strlcat(file,OPENSSL_CONF,len + 1);
-
+ asprintf(&file, "%s/openssl.cnf", X509_get_default_cert_area());
 return file;
- }
+}
 /* This function takes a list separated by 'sep' and calls the
 * callback function giving the start and length of each member |
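Review bot: The result of the new `asprintf()` call in CONF_get1_default_config_file() is ignored, so when allocation fails the function returns whatever the implementation left in `file`; the removed code returned NULL explicitly in that case. Some implementations set the pointer to NULL on failure and others leave it undefined, so a caller that uses or frees the result may act on a garbage pointer. Checking the return value restores the old contract: `if (asprintf(&file, "%s/openssl.cnf", X509_get_default_cert_area()) == -1) return NULL;`. The same applies to the identical hunk in lib/libssl/src/crypto/conf/conf_mod.c. Separately, the unchanged `getenv("OPENSSL_CONF")` context lets the environment choose the config path; whether privileged (set-user-ID) callers are protected from that is not visible in this hunk and is worth confirming.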