summary refs log tree commit diff stats
path: root/src/common/ssl.c
diff options
context:
space:
mode:
authorTingPing <tingping@fedoraproject.org>2014-09-20 13:52:31 -0400
committerTingPing <tingping@fedoraproject.org>2014-09-20 13:52:31 -0400
commit84df81f336abc5e6341ccbf42ac59c339ed2c159 (patch)
tree0bfc421db76338de705b3990125399d81cd09e10 /src/common/ssl.c
parenta9a6cbda4ed61fb763d7e0c7bdb4db856468374a (diff)
Replace some unsafe usage of strncpy
Ensure everything is null terminated
Diffstat (limited to 'src/common/ssl.c')
-rw-r--r--src/common/ssl.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/src/common/ssl.c b/src/common/ssl.c
index 71d4f1da..1ef28cfd 100644
--- a/src/common/ssl.c
+++ b/src/common/ssl.c
@@ -111,8 +111,8 @@ ASN1_TIME_snprintf (char *buf, int buf_len, ASN1_TIME * tm)
 	buf[0] = 0;
 	if (expires != NULL)
 	{
-		memset (buf, 0, buf_len);
-		strncpy (buf, expires, 24);
+		/* expires is not \0 terminated */
+		safe_strcpy (buf, expires, MIN(24, buf_len));
 	}
 	BIO_free (inMem);
 }
@@ -174,17 +174,17 @@ _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
 
 	peer_pkey = X509_get_pubkey (peer_cert);
 
-	strncpy (cert_info->algorithm,
+	safe_strcpy (cert_info->algorithm,
 				(alg == NID_undef) ? "Unknown" : OBJ_nid2ln (alg),
 				sizeof (cert_info->algorithm));
 	cert_info->algorithm_bits = EVP_PKEY_bits (peer_pkey);
-	strncpy (cert_info->sign_algorithm,
+	safe_strcpy (cert_info->sign_algorithm,
 				(sign_alg == NID_undef) ? "Unknown" : OBJ_nid2ln (sign_alg),
 				sizeof (cert_info->sign_algorithm));
 	/* EVP_PKEY_bits(ca_pkey)); */
 	cert_info->sign_algorithm_bits = 0;
-	strncpy (cert_info->notbefore, notBefore, sizeof (cert_info->notbefore));
-	strncpy (cert_info->notafter, notAfter, sizeof (cert_info->notafter));
+	safe_strcpy (cert_info->notbefore, notBefore, sizeof (cert_info->notbefore));
+	safe_strcpy (cert_info->notafter, notAfter, sizeof (cert_info->notafter));
 
 	EVP_PKEY_free (peer_pkey);
 
@@ -213,9 +213,9 @@ _SSL_get_cipher_info (SSL * ssl)
 
 
 	c = SSL_get_current_cipher (ssl);
-	strncpy (chiper_info.version, SSL_CIPHER_get_version (c),
+	safe_strcpy (chiper_info.version, SSL_CIPHER_get_version (c),
 				sizeof (chiper_info.version));
-	strncpy (chiper_info.chiper, SSL_CIPHER_get_name (c),
+	safe_strcpy (chiper_info.chiper, SSL_CIPHER_get_name (c),
 				sizeof (chiper_info.chiper));
 	SSL_CIPHER_get_bits (c, &chiper_info.chiper_bits);