From: Simon Arlott Date: Thu, 24 Sep 2020 22:03:14 +0000 (+0100) Subject: gen_pkcs3: Terminate string before calling BH_hex2bn() X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/18baa0fcce81e138d7179a48c3900505f22ab525 gen_pkcs3: Terminate string before calling BH_hex2bn() Signed-off-by: Phil Pennock --- diff --git a/src/util/gen_pkcs3.c b/src/util/gen_pkcs3.c index 6a467e07a..5c4e42993 100644 --- a/src/util/gen_pkcs3.c +++ b/src/util/gen_pkcs3.c @@ -54,7 +54,6 @@ void __attribute__((__noreturn__)) die_openssl_err(const char *msg) { char err_string[250]; - unsigned long e; ERR_error_string_n(ERR_get_error(), err_string, sizeof(err_string)); die("%s: %s", msg, err_string); @@ -71,9 +70,9 @@ bn_from_text(const char *text) int rc; len = strlen(text); - spaceless = malloc(len); + spaceless = malloc(len + 1); if (!spaceless) - die("malloc(%zu) failed: %s", len, strerror(errno)); + die("malloc(%zu) failed: %s", len + 1, strerror(errno)); for (p = spaceless, q = text, end = text + len; q < end; @@ -81,13 +80,15 @@ bn_from_text(const char *text) if (!isspace(*q)) *p++ = *q; } + len = p - spaceless; + *p++ = '\0'; b = NULL; rc = BN_hex2bn(&b, spaceless); - if (rc != p - spaceless) + if (rc != (int)len) die("BN_hex2bn did not convert entire input; took %d of %zu bytes", - rc, p - spaceless); + rc, len); return b; }