git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
CVE-2020-28014, CVE-2021-27216: PID file handling
[exim.git]
/
src
/
util
/
gen_pkcs3.c
diff --git
a/src/util/gen_pkcs3.c
b/src/util/gen_pkcs3.c
index 6a467e07a99e950b345c5476fdc6ffac49cf6845..5c4e42993142efaf5753ec4440d365c145cdcb79 100644
(file)
--- a/
src/util/gen_pkcs3.c
+++ b/
src/util/gen_pkcs3.c
@@
-54,7
+54,6
@@
void __attribute__((__noreturn__))
die_openssl_err(const char *msg)
{
char err_string[250];
die_openssl_err(const char *msg)
{
char err_string[250];
- unsigned long e;
ERR_error_string_n(ERR_get_error(), err_string, sizeof(err_string));
die("%s: %s", msg, err_string);
ERR_error_string_n(ERR_get_error(), err_string, sizeof(err_string));
die("%s: %s", msg, err_string);
@@
-71,9
+70,9
@@
bn_from_text(const char *text)
int rc;
len = strlen(text);
int rc;
len = strlen(text);
- spaceless = malloc(len);
+ spaceless = malloc(len
+ 1
);
if (!spaceless)
if (!spaceless)
- die("malloc(%zu) failed: %s", len, strerror(errno));
+ die("malloc(%zu) failed: %s", len
+ 1
, strerror(errno));
for (p = spaceless, q = text, end = text + len;
q < end;
for (p = spaceless, q = text, end = text + len;
q < end;
@@
-81,13
+80,15
@@
bn_from_text(const char *text)
if (!isspace(*q))
*p++ = *q;
}
if (!isspace(*q))
*p++ = *q;
}
+ len = p - spaceless;
+ *p++ = '\0';
b = NULL;
rc = BN_hex2bn(&b, spaceless);
b = NULL;
rc = BN_hex2bn(&b, spaceless);
- if (rc !=
p - spaceless
)
+ if (rc !=
(int)len
)
die("BN_hex2bn did not convert entire input; took %d of %zu bytes",
die("BN_hex2bn did not convert entire input; took %d of %zu bytes",
- rc,
p - spaceless
);
+ rc,
len
);
return b;
}
return b;
}