Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BIO range checking. #3870

Closed
wants to merge 1 commit into from
Closed

BIO range checking. #3870

wants to merge 1 commit into from

Conversation

paulidale
Copy link
Contributor

Add length limits to avoid problems with sprintf, strcpy and strcat. This replaces recently removed code but also guards some previously missing function calls (for DOS & Windows).

Reworked the BIO_dump_indent_cb code to reduce temporary storage.

@paulidale
BIO range checking.
2d5cca5 
Add length limits to avoid problems with sprintf, strcpy and strcat.  This replaces recently removed code but also guards some previously missing function calls (for DOS & Windows).

Reworked the BIO_dump_indent_cb code to reduce temporary storage.
@richsalz richsalz added branch: master Merge to master branch approval: done This pull request has the required number of approvals labels Jul 6, 2017
levitte pushed a commit that referenced this pull request Jul 6, 2017
@paulidale
BIO range checking.
59e539e 
Add length limits to avoid problems with sprintf, strcpy and strcat.  This replaces recently removed code but also guards some previously missing function calls (for DOS & Windows).

Reworked the BIO_dump_indent_cb code to reduce temporary storage.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from #3870)
@paulidale
Copy link
Contributor Author

Thanks.

@paulidale paulidale closed this Jul 6, 2017
@paulidale paulidale deleted the bio-strfunc branch July 6, 2017 21:24
kaduk
kaduk reviewed Jul 7, 2017
View reviewed changes
crypto/bio/b_dump.c
ret += cb((void *)buf, strlen(buf), u);
n = BIO_snprintf(buf, sizeof(buf), "%*s%04x - <SPACES/NULS>\n",
indent, "", len + trc);
ret += cb((void *)buf, n, u);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How bad would it be if we passed a negative 'n' to cb() here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaduk kaduk kaduk left review comments

@levitte levitte levitte approved these changes

Assignees
No one assigned
Labels
approval: done This pull request has the required number of approvals branch: master Merge to master branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@paulidale @levitte @kaduk @richsalz