summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2010-04-20 23:01:29 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2010-04-20 23:01:29 +0000
commit62b528d5c8c76145cc3ed2693a194112fba67889 (patch)
tree60d7e7cd04b24d9e9d4a179aeb9e05bafc31f67c
parentce628862391593c48e896c49c523d472c7be2fcb (diff)
The openssl command line tool treats the non-null terminated buffer
"mbuf" as a C string when using the pop3 s_client feature. This causes a segmentation fault with malloc.conf option "J" set when BIO_printf() runs off the end of the buffer. The following patch fixes PR 6282 from Matthew Haub (asked to submit upstream), ok djm
-rw-r--r--lib/libssl/src/apps/s_client.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libssl/src/apps/s_client.c b/lib/libssl/src/apps/s_client.c
index 70e7254a919..5bbad0e1e60 100644
--- a/lib/libssl/src/apps/s_client.c
+++ b/lib/libssl/src/apps/s_client.c
@@ -1074,7 +1074,7 @@ SSL_set_tlsext_status_ids(con, ids);
if (starttls_proto)
{
- BIO_printf(bio_err,"%s",mbuf);
+ BIO_write(bio_err, mbuf, mbuf_len);
/* We don't need to know any more */
starttls_proto = PROTO_OFF;
}