gen_pkcs3: Terminate string before calling BH_hex2bn()

nomis · Sep 24, 2020 · 820a704 · 820a704
1 parent 2377e1d
commit 820a704
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/src/util/gen_pkcs3.c b/src/util/gen_pkcs3.c
@@ -54,7 +54,6 @@ void __attribute__((__noreturn__))
 die_openssl_err(const char *msg)
 {
   char err_string[250];
-  unsigned long e;
 
   ERR_error_string_n(ERR_get_error(), err_string, sizeof(err_string));
   die("%s: %s", msg, err_string);
@@ -71,7 +70,7 @@ bn_from_text(const char *text)
   int rc;
 
   len = strlen(text);
-  spaceless = malloc(len);
+  spaceless = malloc(len + 1);
   if (!spaceless)
     die("malloc(%zu) failed: %s", len, strerror(errno));
 
@@ -81,13 +80,15 @@ bn_from_text(const char *text)
     if (!isspace(*q))
       *p++ = *q;
   }
+  len = p - spaceless;
+  *p++ = '\0';
 
   b = NULL;
   rc = BN_hex2bn(&b, spaceless);
 
-  if (rc != p - spaceless)
+  if (rc != (int)len)
     die("BN_hex2bn did not convert entire input; took %d of %zu bytes",
-        rc, p - spaceless);
+        rc, len);
 
   return b;
 }