提交 741a9690 编写于 作者: U Ulf Möller

Fix potential buffer overrun for EBCDIC.

上级 e24e4065
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000] Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
*) Fix potential buffer overrun for EBCDIC.
[Ulf Moeller]
*) New function OCSP_copy_nonce() to copy nonce value (if present) from *) New function OCSP_copy_nonce() to copy nonce value (if present) from
request to response. request to response.
[Steve Henson] [Steve Henson]
......
...@@ -87,9 +87,16 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml) ...@@ -87,9 +87,16 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
else BIO_printf(out, "%s:%s", nval->name, nval->value); else BIO_printf(out, "%s:%s", nval->name, nval->value);
#else #else
else { else {
char tmp[10240]; /* 10k is BIO_printf's limit anyway */ int len;
ascii2ebcdic(tmp, nval->value, strlen(nval->value)+1); char *tmp;
BIO_printf(out, "%s:%s", nval->name, tmp); len = strlen(nval->value)+1;
tmp = OPENSSL_malloc(len);
if (tmp)
{
ascii2ebcdic(tmp, nval->value, len);
BIO_printf(out, "%s:%s", nval->name, tmp);
OPENSSL_free(tmp);
}
} }
#endif #endif
if(ml) BIO_puts(out, "\n"); if(ml) BIO_puts(out, "\n");
...@@ -123,9 +130,16 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde ...@@ -123,9 +130,16 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde
BIO_printf(out, "%*s%s", indent, "", value); BIO_printf(out, "%*s%s", indent, "", value);
#else #else
{ {
char tmp[10240]; /* 10k is BIO_printf's limit anyway */ int len;
ascii2ebcdic(tmp, value, strlen(value)+1); char *tmp;
BIO_printf(out, "%*s%s", indent, "", tmp); len = strlen(value)+1;
tmp = OPENSSL_malloc(len);
if (tmp)
{
ascii2ebcdic(tmp, value, len);
BIO_printf(out, "%*s%s", indent, "", tmp);
OPENSSL_free(tmp);
}
} }
#endif #endif
} else if(method->i2v) { } else if(method->i2v) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册