search

libressl / openbsd

Source code pulled from OpenBSD for LibreSSL - this includes most of the library and supporting code. The place to contribute to this code is via the OpenBSD CVS tree. Please mail patches to tech@openbsd.org, instead of submitting pull requests, since this tree is often rebased.
231 stars 92 forks source link

OBJ_obj2txt() fails if supplied buffer is too small #73

Closed rhenium closed 7 years ago

rhenium commented 7 years ago

If the supplied buffer is smaller than the required space, LibreSSL's OBJ_obj2txt() fails with 0 return. This contradicts the documentation:

OBJ_obj2txt() converts the ASN1_OBJECT a into a textual representation. The representation is written as a NUL terminated string to buf. At most buf_len bytes are written, truncating the result if necessary. The total amount of space required is returned. If no_name is 0 and the object has a long or short name, then that will be used, otherwise the numerical form will be used.

Test code:

#include <stdio.h>
#include <openssl/objects.h>

int main(void)
{
    char buf[10];
    int ret;
    ASN1_OBJECT *obj;
    const char *oid = "0.1.2.3.4.5.6.7.8.9"; /* 19 characters + \0 */

    obj = OBJ_txt2obj(oid, 1);
    if (!oid)
        return 1;

    ret = OBJ_obj2txt(buf, sizeof buf, obj, 1);
    printf("OBJ_obj2txt() returned %d, buf = %s\n", ret, buf);

    ASN1_OBJECT_free(obj);
}

OpenSSL 1.1.0:

OBJ_obj2txt() returned 19, buf = 0.1.2.3.4

LibreSSL GitHub master:

OBJ_obj2txt() returned 0, buf = 0.1.2.3.4

I'd expect OBJ_obj2txt() to always return the length of the resulting string (excluding the NUL terminator) so that I can retry with a larger buffer, as OpenSSL's does.

rhenium commented 7 years ago

Fixed by a666d898b245 (obj_dat.c,v 1.36). @kinichiro Thank you for the fix!