Ensure a string is properly terminated in http_client.c

In HTTP_new_bio(), if the host has a trailing '/' we took a copy of the hostname but failed to terminate it properly. Reviewed-by: N David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: N Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12275)

Ensure a string is properly terminated in http_client.c
In HTTP_new_bio(), if the host has a trailing '/' we took a copy of the hostname but failed to terminate it properly. Reviewed-by: N David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: N Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12275)
5a640713 · Matt Caswell · 64bb6276 · 5a640713
隐藏空白更改
内联并排

Showing with 9 addition and 4 deletion

crypto/http/http_client.c crypto/http/http_client.c +9 -4

未找到文件。
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@@ -712,10 +712,15 @@ static BIO *HTTP_new_bio(const char *server /* optionally includes ":port" */,
    }

    host_end = strchr(host, '/');
-    if (host_end != NULL && (size_t)(host_end - host) < sizeof(host_name)) {
-        /* chop trailing string starting with '/' */
-        strncpy(host_name, host, host_end - host + 1);
-        host = host_name;
+    if (host_end != NULL) {
+        size_t host_len = host_end - host;
+
+        if (host_len < sizeof(host_name)) {
+            /* chop trailing string starting with '/' */
+            strncpy(host_name, host, host_len);
+            host_name[host_len] = '\0';
+            host = host_name;
+        }
    }

    cbio = BIO_new_connect(host /* optionally includes ":port" */);