changeset: 6872:db13010a2e8d
user: Vincent Lefevre <vinc...@vinc17.net>
date: Mon Nov 21 23:10:47 2016 +0100
link: http://dev.mutt.org/hg/mutt/rev/db13010a2e8d
Make sure that the output of X509_NAME_oneline is null-terminated.
diffs (24 lines):
diff -r c770d2fa615b -r db13010a2e8d mutt_ssl.c
--- a/mutt_ssl.c Sun Nov 20 16:19:18 2016 -0800
+++ b/mutt_ssl.c Mon Nov 21 23:10:47 2016 +0100
@@ -969,9 +969,10 @@
#ifdef DEBUG
char buf[STRING];
+ buf[STRING - 1] = '\0';
dprint (1, (debugfile, "ssl_check_certificate: checking cert %s\n",
X509_NAME_oneline (X509_get_subject_name (data->cert),
- buf, sizeof (buf))));
+ buf, sizeof (buf) - 1)));
#endif
if ((preauthrc = ssl_check_preauth (data->cert, conn->account.host)) > 0)
@@ -991,7 +992,7 @@
dprint (1, (debugfile, "ssl_check_certificate: checking cert chain entry
%s\n",
X509_NAME_oneline (X509_get_subject_name (cert),
- buf, sizeof (buf))));
+ buf, sizeof (buf) - 1)));
/* if the certificate validates or is manually accepted, then add it to
* the trusted set and recheck the peer certificate */
