The branch OpenSSL_1_0_2-stable has been updated
via da0bbdd62614df6d6a33f91142a3e72525f7186e (commit)
from e78c4f531d44d2454ba44b9de615920d340e77ce (commit)
- Log -----------------------------------------------------------------
commit da0bbdd62614df6d6a33f91142a3e72525f7186e
Author: Bernd Edlinger <[email protected]>
Date: Mon Jun 25 09:53:46 2018 +0200
Fix some more gcc-9 warnings [-Wstringop-truncation]
Reviewed-by: Richard Levitte <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/6586)
-----------------------------------------------------------------------
Summary of changes:
apps/passwd.c | 6 +++---
ssl/s3_srvr.c | 9 +++++----
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/apps/passwd.c b/apps/passwd.c
index 56e10ad..718f0e0 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -306,9 +306,9 @@ static char *md5crypt(const char *passwd, const char
*magic, const char *salt)
out_buf[0] = '$';
out_buf[1] = 0;
assert(strlen(magic) <= 4); /* "1" or "apr1" */
- strncat(out_buf, magic, 4);
- strncat(out_buf, "$", 1);
- strncat(out_buf, salt, 8);
+ BUF_strlcat(out_buf, magic, sizeof(out_buf));
+ BUF_strlcat(out_buf, "$", sizeof(out_buf));
+ BUF_strlcat(out_buf, salt, sizeof(out_buf));
assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
salt_out = out_buf + 2 + strlen(magic);
salt_len = strlen(salt_out);
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 96d973c..753b804 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1959,11 +1959,12 @@ int ssl3_send_server_key_exchange(SSL *s)
#ifndef OPENSSL_NO_PSK
if (type & SSL_kPSK) {
+ size_t len = strlen(s->ctx->psk_identity_hint);
+
/* copy PSK identity hint */
- s2n(strlen(s->ctx->psk_identity_hint), p);
- strncpy((char *)p, s->ctx->psk_identity_hint,
- strlen(s->ctx->psk_identity_hint));
- p += strlen(s->ctx->psk_identity_hint);
+ s2n(len, p);
+ memcpy(p, s->ctx->psk_identity_hint, len);
+ p += len;
}
#endif
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
