summaryrefslogtreecommitdiffstats
path: root/crypto/buffer
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/buffer')
-rw-r--r--crypto/buffer/buf_str.c21
-rw-r--r--crypto/buffer/buffer.h6
2 files changed, 20 insertions, 7 deletions
diff --git a/crypto/buffer/buf_str.c b/crypto/buffer/buf_str.c
index ebc5ab4..fa0d608 100644
--- a/crypto/buffer/buf_str.c
+++ b/crypto/buffer/buf_str.c
@@ -58,6 +58,7 @@
#include <stdio.h>
#include "cryptlib.h"
+#include <limits.h>
#include <openssl/buffer.h>
size_t BUF_strnlen(const char *str, size_t maxlen)
@@ -72,7 +73,7 @@ size_t BUF_strnlen(const char *str, size_t maxlen)
char *BUF_strdup(const char *str)
{
if (str == NULL)
- return (NULL);
+ return NULL;
return BUF_strndup(str, strlen(str));
}
@@ -81,16 +82,22 @@ char *BUF_strndup(const char *str, size_t siz)
char *ret;
if (str == NULL)
- return (NULL);
+ return NULL;
siz = BUF_strnlen(str, siz);
+ if (siz >= INT_MAX)
+ return NULL;
+
ret = OPENSSL_malloc(siz + 1);
if (ret == NULL) {
BUFerr(BUF_F_BUF_STRNDUP, ERR_R_MALLOC_FAILURE);
- return (NULL);
+ return NULL;
}
- BUF_strlcpy(ret, str, siz + 1);
+
+ memcpy(ret, str, siz);
+ ret[siz] = '\0';
+
return (ret);
}
@@ -98,13 +105,13 @@ void *BUF_memdup(const void *data, size_t siz)
{
void *ret;
- if (data == NULL)
- return (NULL);
+ if (data == NULL || siz >= INT_MAX)
+ return NULL;
ret = OPENSSL_malloc(siz);
if (ret == NULL) {
BUFerr(BUF_F_BUF_MEMDUP, ERR_R_MALLOC_FAILURE);
- return (NULL);
+ return NULL;
}
return memcpy(ret, data, siz);
}
diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
index c343dd7..efd240a 100644
--- a/crypto/buffer/buffer.h
+++ b/crypto/buffer/buffer.h
@@ -86,7 +86,13 @@ int BUF_MEM_grow(BUF_MEM *str, size_t len);
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
size_t BUF_strnlen(const char *str, size_t maxlen);
char *BUF_strdup(const char *str);
+
+/*
+ * Like strndup, but in addition, explicitly guarantees to never read past the
+ * first |siz| bytes of |str|.
+ */
char *BUF_strndup(const char *str, size_t siz);
+
void *BUF_memdup(const void *data, size_t siz);
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
OpenPOWER on IntegriCloud