From: Lev Stipakov <l...@openvpn.net>
OpenSSL's version of crypto_pem_encode() uses PEM_write_bio()
function to write PEM-encoded data to BIO object. That method doesn't
add NUL termanator, unlike its mbedTLS counterpart mbedtls_pem_write_buffer().
The code which uses PEM data treats it as a string, so missing NUL
terminator makes sanitizer to compain.
Fix by adding a NUL terminator.
Signed-off-by: Lev Stipakov <l...@openvpn.net>
---
v2: use a dedivcated function to add a nul terminator
src/openvpn/crypto_openssl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index 9691ce0..c049e52 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -400,8 +400,9 @@ crypto_pem_encode(const char *name, struct buffer *dst,
BUF_MEM *bptr;
BIO_get_mem_ptr(bio, &bptr);
- *dst = alloc_buf_gc(bptr->length, gc);
+ *dst = alloc_buf_gc(bptr->length + 1, gc);
ASSERT(buf_write(dst, bptr->data, bptr->length));
+ buf_null_terminate(dst);
ret = true;
cleanup:
--
2.7.4
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
