summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorTed Unangst <tedu@cvs.openbsd.org>2014-04-16 15:35:37 +0000
committerTed Unangst <tedu@cvs.openbsd.org>2014-04-16 15:35:37 +0000
commit32c983dce38409cab322b5f4aede49b71525e82b (patch)
treea2b1fa4e41ec2a9ba3acb217fa682e2b0b5f87b6 /lib
parentc263c05c147f4e7fa9e7f79611a8814ae8ed855c (diff)
replace some bio_snprintf crazy with regular snprintf.
beck had a diff to convert to strftime, but it's easier to verify this is functionally the same. ok beck.
Diffstat (limited to 'lib')
-rw-r--r--lib/libcrypto/ts/ts_rsp_sign.c47
1 files changed, 26 insertions, 21 deletions
diff --git a/lib/libcrypto/ts/ts_rsp_sign.c b/lib/libcrypto/ts/ts_rsp_sign.c
index b0f023c9d2f..a6ce1796c62 100644
--- a/lib/libcrypto/ts/ts_rsp_sign.c
+++ b/lib/libcrypto/ts/ts_rsp_sign.c
@@ -953,8 +953,8 @@ TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
time_t time_sec = (time_t) sec;
struct tm *tm = NULL;
char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
- char *p = genTime_str;
- char *p_end = genTime_str + sizeof(genTime_str);
+ char *p;
+ int rv;
if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
goto err;
@@ -970,18 +970,13 @@ TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
* meet the rfc3161 requirement: "GeneralizedTime syntax can include
* fraction-of-second details".
*/
- p += BIO_snprintf(p, p_end - p,
- "%04d%02d%02d%02d%02d%02d",
+ if (precision > 0) {
+ rv = snprintf(genTime_str, sizeof(genTime_str),
+ "%04d%02d%02d%02d%02d%02d.%ldZ",
tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
- tm->tm_hour, tm->tm_min, tm->tm_sec);
- if (precision > 0)
- {
- /* Add fraction of seconds (leave space for dot and null). */
- BIO_snprintf(p, 2 + precision, ".%ld", usec);
- /* We cannot use the snprintf return value,
- because it might have been truncated. */
- p += strlen(p);
-
+ tm->tm_hour, tm->tm_min, tm->tm_sec, usec);
+ if (rv == -1 || rv >= sizeof(genTime_str))
+ goto err;
/* To make things a bit harder, X.690 | ISO/IEC 8825-1 provides
the following restrictions for a DER-encoding, which OpenSSL
(specifically ASN1_GENERALIZEDTIME_check() function) doesn't
@@ -995,14 +990,24 @@ TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
omitted." */
/* Remove trailing zeros. The dot guarantees the exit
condition of this loop even if all the digits are zero. */
- while (*--p == '0')
- /* empty */;
- /* p points to either the dot or the last non-zero digit. */
- if (*p != '.') ++p;
- }
- /* Add the trailing Z and the terminating null. */
- *p++ = 'Z';
- *p++ = '\0';
+ p = strchr(genTime_str, 'Z');
+ p--; /* move back in front of Z */
+ /* pass over 0s */
+ while (*p == '0')
+ p--;
+ /* if we're not at . we're at an interesting digit */
+ if (*p != '.')
+ p++;
+ *p++ = 'Z';
+ *p = 0;
+ } else {
+ rv = snprintf(genTime_str, sizeof(genTime_str),
+ "%04d%02d%02d%02d%02d%02dZ",
+ tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+ tm->tm_hour, tm->tm_min, tm->tm_sec);
+ if (rv == -1 || rv >= sizeof(genTime_str))
+ goto err;
+ }
/* Now call OpenSSL to check and set our genTime value */
if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new()))