wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

UI_UTIL_wrap_read_pem_callback: make sure to terminate the string received

Browse source 
The callback we're wrapping around may or may not return a
NUL-terminated string.  Let's ensure it is.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3791)
This commit is contained in:
Richard Levitte 2017-06-28 11:17:24 +02:00
parent e041f3b8ba
commit 3816be5d4a
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
crypto/ui/ui_util.c
View file

@ -104,7 +104,7 @@ static int ui_read(UI *ui, UI_STRING *uis)
switch (UI_get_string_type(uis)) {
case UIT_PROMPT:
{
char result[PEM_BUFSIZE];
char result[PEM_BUFSIZE + 1];
const struct pem_password_cb_data *data =
UI_method_get_ex_data(UI_get_method(ui), ui_method_data_index);
int maxsize = UI_get_result_maxsize(uis);
@ -112,6 +112,8 @@ static int ui_read(UI *ui, UI_STRING *uis)
maxsize > PEM_BUFSIZE ? PEM_BUFSIZE : maxsize,
data->rwflag, UI_get0_user_data(ui));
if (len >= 0)
result[len] = '\0';
if (len <= 0)
return len;
if (UI_set_result(ui, uis, result) >= 0)