In UI_UTIL_read_pw(), we should look at the size parameter, not at BUFSIZ.

author Richard Levitte <levitte@openssl.org>

Thu, 11 Jul 2002 09:12:37 +0000 (09:12 +0000)

committer Richard Levitte <levitte@openssl.org>

Thu, 11 Jul 2002 09:12:37 +0000 (09:12 +0000)
author Richard Levitte <levitte@openssl.org>
Thu, 11 Jul 2002 09:12:37 +0000 (09:12 +0000)
committer Richard Levitte <levitte@openssl.org>
Thu, 11 Jul 2002 09:12:37 +0000 (09:12 +0000)
diff --git a/crypto/ui/ui_util.c b/crypto/ui/ui_util.c

index 7c6f7d3a73f615fb8dbb87fdc2d2b0799f796be6..f05573df3384e9ea7dc7276713ef96a848244f45 100644 (file)
--- a/crypto/ui/ui_util.c
+++ b/crypto/ui/ui_util.c
@@ -71,12 +71,15 @@ int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify)
         int ok = 0;
         UI *ui;
  
+       if (size < 1)
+               return -1;
+
         ui = UI_new();
         if (ui)
                 {
-               ok = UI_add_input_string(ui,prompt,0,buf,0,BUFSIZ-1);
+               ok = UI_add_input_string(ui,prompt,0,buf,0,size-1);
                 if (ok == 0 && verify)
-                       ok = UI_add_verify_string(ui,prompt,0,buff,0,BUFSIZ-1,
+                       ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1,
                                 buf);
                 if (ok == 0)
                         ok=UI_process(ui);
author	Richard Levitte <levitte@openssl.org>
	Thu, 11 Jul 2002 09:12:37 +0000 (09:12 +0000)
committer	Richard Levitte <levitte@openssl.org>
	Thu, 11 Jul 2002 09:12:37 +0000 (09:12 +0000)