openssl: biomem->data is not zero terminated
authorDaniel Stenberg <daniel@haxx.se>
Sat, 3 May 2014 22:50:10 +0000 (00:50 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Sat, 3 May 2014 22:50:10 +0000 (00:50 +0200)
So using printf("%s") on it, or reading from it before checking the bounds,
is wrong; this commit fixes it. Previously this could lead to an
out-of-bounds read.

Reported-by: Török Edwin
lib/vtls/openssl.c

index b59233a252e7df8f3257ed76209530c75781eb16..5a665661f4077491810859341b8c122cb579b854 100644 (file)
@@ -2117,7 +2117,7 @@ static int X509V3_ext(struct SessionHandle *data,
         sep=", ";
         j++; /* skip the newline */
       };
-      while((biomem->data[j] == ' ') && (j<(size_t)biomem->length))
+      while((j<(size_t)biomem->length) && (biomem->data[j] == ' '))
         j++;
       if(j<(size_t)biomem->length)
         ptr+=snprintf(ptr, sizeof(buf)-(ptr-buf), "%s%c", sep,
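Review bot: The `ptr+=snprintf(ptr, sizeof(buf)-(ptr-buf), ...)` call on the last line of this hunk adds the return value to `ptr` without checking it, so the write side of this loop is still unguarded even though the read of `biomem->data[j]` is now bounds-checked first. If `snprintf` here has C99 semantics, it returns the length that would have been written, so once an extension value no longer fits, `ptr` moves past the end of `buf` and `sizeof(buf)-(ptr-buf)` wraps to a very large size on the next pass. I would keep the result in a local and stop on truncation, e.g. `if(n < 0 || (size_t)n >= left) break;` before `ptr += n;`, where `left` is the remaining space in `buf`. The declaration of `buf`, the rest of the snprintf arguments and the enclosing loop are outside the hunk, and the project may map `snprintf` to its own implementation with a different return convention, so this needs confirming against the full function.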
@@ -2159,8 +2159,6 @@ static void dumpcert(struct SessionHandle *data, X509 *x, int numcert)
 
   BIO_get_mem_ptr(bio_out, &biomem);
 
-  infof(data, "%s\n", biomem->data);
-
   Curl_ssl_push_certinfo_len(data, numcert,
                              "Cert", biomem->data, biomem->length);