diff options
| author | Jung-uk Kim <jkim@FreeBSD.org> | 2015-12-03 17:22:58 +0000 |
|---|---|---|
| committer | Jung-uk Kim <jkim@FreeBSD.org> | 2015-12-03 17:22:58 +0000 |
| commit | 737d7e8d3945c206c037e139055821aa0c64bb8e (patch) | |
| tree | b0284af4e4144e27eb9f39e88c53868060774b16 /crypto/buffer | |
| parent | e9fcefce9bb70f20c272a996443928c5f6ab8cd8 (diff) | |
Diffstat (limited to 'crypto/buffer')
| -rw-r--r-- | crypto/buffer/buf_str.c | 21 | ||||
| -rw-r--r-- | crypto/buffer/buffer.h | 6 |
2 files changed, 20 insertions, 7 deletions
diff --git a/crypto/buffer/buf_str.c b/crypto/buffer/buf_str.c index ebc5ab4646cef..fa0d608e76bbb 100644 --- a/crypto/buffer/buf_str.c +++ b/crypto/buffer/buf_str.c @@ -58,6 +58,7 @@ #include <stdio.h> #include "cryptlib.h" +#include <limits.h> #include <openssl/buffer.h> size_t BUF_strnlen(const char *str, size_t maxlen) @@ -72,7 +73,7 @@ size_t BUF_strnlen(const char *str, size_t maxlen) char *BUF_strdup(const char *str) { if (str == NULL) - return (NULL); + return NULL; return BUF_strndup(str, strlen(str)); } @@ -81,16 +82,22 @@ char *BUF_strndup(const char *str, size_t siz) char *ret; if (str == NULL) - return (NULL); + return NULL; siz = BUF_strnlen(str, siz); + if (siz >= INT_MAX) + return NULL; + ret = OPENSSL_malloc(siz + 1); if (ret == NULL) { BUFerr(BUF_F_BUF_STRNDUP, ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } - BUF_strlcpy(ret, str, siz + 1); + + memcpy(ret, str, siz); + ret[siz] = '\0'; + return (ret); } @@ -98,13 +105,13 @@ void *BUF_memdup(const void *data, size_t siz) { void *ret; - if (data == NULL) - return (NULL); + if (data == NULL || siz >= INT_MAX) + return NULL; ret = OPENSSL_malloc(siz); if (ret == NULL) { BUFerr(BUF_F_BUF_MEMDUP, ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } return memcpy(ret, data, siz); } diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h index c343dd772f1ef..efd240a5f91e2 100644 --- a/crypto/buffer/buffer.h +++ b/crypto/buffer/buffer.h @@ -86,7 +86,13 @@ int BUF_MEM_grow(BUF_MEM *str, size_t len); int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); size_t BUF_strnlen(const char *str, size_t maxlen); char *BUF_strdup(const char *str); + +/* + * Like strndup, but in addition, explicitly guarantees to never read past the + * first |siz| bytes of |str|. + */ char *BUF_strndup(const char *str, size_t siz); + void *BUF_memdup(const void *data, size_t siz); void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz); |