wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12169 commits 20 branches 302 tags 153 MiB
Commit graph

8 commits

Author SHA1 Message Date
Emilia Kasper
f5afe9ce3f BUF_strndup: tidy 
Fix comment, add another overflow check, tidy style

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit de8883e11b)
 2015-09-22 20:04:01 +02:00
Alessandro Ghedini
f61216ba9d Make BUF_strndup() read-safe on arbitrary inputs 
BUF_strndup was calling strlen through BUF_strlcpy, and ended up reading
past the input if the input was not a C string.

Make it explicitly part of BUF_strndup's contract to never read more
than |siz| input bytes. This augments the standard strndup contract to
be safer.

The commit also adds a check for siz overflow and some brief documentation
for BUF_strndup().

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 110f7b37de)
 2015-09-22 20:03:57 +02:00
Matt Caswell
ae5c8664e5 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:31:38 +00:00
Ben Laurie
d77501d8fd Check length first in BUF_strnlen(). 2014-05-22 10:12:10 +01:00
Ben Laurie
4f7236edc7 Remove redundant test. 2014-05-21 12:03:50 +01:00
Ben Laurie
ed693e4332 Implement BUF_strnlen() and use it instead of strlen(). 2014-05-21 11:56:21 +01:00
Ben Laurie
4ceb430a46 Don't allocate more than is needed in BUF_strndup(). 2014-05-20 13:53:35 +01:00
Dr. Stephen Henson
d51519eba4 add buf_str.c file 2011-01-09 13:30:58 +00:00