Hello,
The openssl command line tool treats the non-null terminated buffer
"mbuf" as a C string when using the pop3 s_client feature. This causes
a segmentation fault with malloc.conf option "J" set when BIO_printf()
runs off the end of the buffer. The following patch fixes PR 6282.
Matthew
Index: s_client.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/apps/s_client.c,v
retrieving revision 1.19
diff -u s_client.c
--- s_client.c 30 Jan 2009 03:56:05 -0000 1.19
+++ s_client.c 6 Apr 2010 13:26:17 -0000
@@ -1074,7 +1074,7 @@
if (starttls_proto)
{
- BIO_printf(bio_err,"%s",mbuf);
+ BIO_write(bio_err, mbuf, mbuf_len);
/* We don't need to know any more */
starttls_proto = PROTO_OFF;
}
