From 96f1de5bf40af27db3df91c106d799fa86165eb9 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 3 Jun 2016 15:53:54 +0100 Subject: [PATCH] BIO_printf() can fail to print the last character If the string to print is exactly 2048 character long (excluding the NULL terminator) then BIO_printf will chop off the last byte. This is because it has filled its static buffer but hasn't yet allocated a dynamic buffer. In cases where we don't have a dynamic buffer we need to truncate but that is not the case for BIO_printf(). We need to check whether we are able to have a dynamic buffer buffer deciding to truncate. Reviewed-by: Rich Salz --- crypto/bio/b_print.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c index 90248fa2aa..987fe068c6 100644 --- a/crypto/bio/b_print.c +++ b/crypto/bio/b_print.c @@ -423,9 +423,15 @@ _dopr(char **sbuffer, break; } } - *truncated = (currlen > *maxlen - 1); - if (*truncated) - currlen = *maxlen - 1; + /* + * We have to truncate if there is no dynamic buffer and we have filled the + * static buffer. + */ + if (buffer == NULL) { + *truncated = (currlen > *maxlen - 1); + if (*truncated) + currlen = *maxlen - 1; + } if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0')) return 0; *retlen = currlen - 1; -- 2.25.1