From 7606c231c9e056822c4613c7617390bcdb822108 Mon Sep 17 00:00:00 2001 From: FdaSilvaYY Date: Tue, 5 Jul 2016 19:48:23 +0200 Subject: [PATCH] Simplify buffer limit checking, and reuse BIO_snprintf returned value. Reviewed-by: Matt Caswell Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1284) --- apps/s_time.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/apps/s_time.c b/apps/s_time.c index ecab515b1f..a08a14d83a 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -41,8 +41,6 @@ #undef BUFSIZZ #define BUFSIZZ 1024*10 -#define MYBUFSIZ 1024*8 - #undef min #undef max #define min(a,b) (((a) < (b)) ? (a) : (b)) @@ -57,6 +55,8 @@ extern int verify_error; static SSL *doConnection(SSL *scon, const char *host, SSL_CTX *ctx); +static const char fmt_http_get_cmd[] = "GET %s HTTP/1.0\r\n\r\n"; + typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_CONNECT, OPT_CIPHER, OPT_CERT, OPT_KEY, OPT_CAPATH, @@ -109,11 +109,11 @@ int s_time_main(int argc, char **argv) char *host = SSL_CONNECT_NAME, *certfile = NULL, *keyfile = NULL, *prog; double totalTime = 0.0; int noCApath = 0, noCAfile = 0; - int maxtime = SECONDS, nConn = 0, perform = 3, ret = 1, i, st_bugs = - 0, ver; + int maxtime = SECONDS, nConn = 0, perform = 3, ret = 1, i, st_bugs = 0; long bytes_read = 0, finishtime = 0; OPTION_CHOICE o; - int max_version = 0; + int max_version = 0, ver, buf_len; + size_t buf_size; meth = TLS_client_method(); verify_depth = 0; @@ -176,8 +176,9 @@ int s_time_main(int argc, char **argv) break; case OPT_WWW: www_path = opt_arg(); - if (strlen(www_path) > MYBUFSIZ - 100) { - BIO_printf(bio_err, "%s: -www option too long\n", prog); + buf_size = strlen(www_path) + sizeof(fmt_http_get_cmd) - 2; /* 2 is for %s */ + if (buf_size > sizeof(buf)) { + BIO_printf(bio_err, "%s: -www option is too long\n", prog); goto end; } break; @@ -232,9 +233,9 @@ int s_time_main(int argc, char **argv) goto end; if (www_path != NULL) { - BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", - www_path); - if (SSL_write(scon, buf, strlen(buf)) <= 0) + buf_len = BIO_snprintf(buf, sizeof buf, + fmt_http_get_cmd, www_path); + if (SSL_write(scon, buf, buf_len) <= 0) goto end; while ((i = SSL_read(scon, buf, sizeof(buf))) > 0) bytes_read += i; @@ -290,8 +291,9 @@ int s_time_main(int argc, char **argv) } if (www_path != NULL) { - BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", www_path); - if (SSL_write(scon, buf, strlen(buf)) <= 0) + buf_len = BIO_snprintf(buf, sizeof buf, + fmt_http_get_cmd, www_path); + if (SSL_write(scon, buf, buf_len) <= 0) goto end; while (SSL_read(scon, buf, sizeof(buf)) > 0) continue; -- 2.25.1