Fix potential buffer overrun for EBCDIC.

author Ulf Möller <ulf@openssl.org>

Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)

committer Ulf Möller <ulf@openssl.org>

Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)
author Ulf Möller <ulf@openssl.org>
Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)
committer Ulf Möller <ulf@openssl.org>
Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)
diff --git a/CHANGES b/CHANGES

index f817e9356600baac8a4c5b7b56d5c5c4eeb3149a..e3f265394583e3cb40e5987340957e60d6eff4ce 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,9 @@
  
   Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
  
+  *) Fix potential buffer overrun for EBCDIC.
+     [Ulf Moeller]
+
    *) New function OCSP_copy_nonce() to copy nonce value (if present) from
       request to response.
       [Steve Henson]
diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c

index 62ec1f1db312099e650cb1ab575e2119a8152ca1..8a7659eefc90f91e777bd73cfdbb39dce61b5d36 100644 (file)
--- a/crypto/x509v3/v3_prn.c
+++ b/crypto/x509v3/v3_prn.c
@@ -87,9 +87,16 @@ void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
                 else BIO_printf(out, "%s:%s", nval->name, nval->value);
  #else
                 else {
-                       char tmp[10240]; /* 10k is BIO_printf's limit anyway */
-                       ascii2ebcdic(tmp, nval->value, strlen(nval->value)+1);
-                       BIO_printf(out, "%s:%s", nval->name, tmp);
+                       int len;
+                       char *tmp;
+                       len = strlen(nval->value)+1;
+                       tmp = OPENSSL_malloc(len);
+                       if (tmp)
+                       {
+                               ascii2ebcdic(tmp, nval->value, len);
+                               BIO_printf(out, "%s:%s", nval->name, tmp);
+                               OPENSSL_free(tmp);
+                       }
                 }
  #endif
                 if(ml) BIO_puts(out, "\n");
@@ -123,9 +130,16 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde
                 BIO_printf(out, "%*s%s", indent, "", value);
  #else
                 {
-                       char tmp[10240]; /* 10k is BIO_printf's limit anyway */
-                       ascii2ebcdic(tmp, value, strlen(value)+1);
-                       BIO_printf(out, "%*s%s", indent, "", tmp);
+                       int len;
+                       char *tmp;
+                       len = strlen(value)+1;
+                       tmp = OPENSSL_malloc(len);
+                       if (tmp)
+                       {
+                               ascii2ebcdic(tmp, value, len);
+                               BIO_printf(out, "%*s%s", indent, "", tmp);
+                               OPENSSL_free(tmp);
+                       }
                 }
  #endif
         } else if(method->i2v) {
author	Ulf Möller <ulf@openssl.org>
	Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)
committer	Ulf Möller <ulf@openssl.org>
	Tue, 6 Feb 2001 02:54:02 +0000 (02:54 +0000)
CHANGES		patch \| blob \| history
crypto/x509v3/v3_prn.c		patch \| blob \| history