From: Richard Levitte Date: Wed, 29 May 2002 08:31:30 +0000 (+0000) Subject: There is a chance that the input string is larger than size, and on VMS, X-Git-Tag: OpenSSL_0_9_6e~84 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1af4d835650a8117ad8140067597427bde635186;p=openssl There is a chance that the input string is larger than size, and on VMS, this wasn't checked and could possibly be exploitable (slim chance, but still) --- diff --git a/apps/apps.c b/apps/apps.c index c22550b294..a7aa9fce08 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -228,9 +228,16 @@ void program_name(char *in, char *out, int size) q=strrchr(p,'.'); if (q == NULL) - q = in+size; - strncpy(out,p,q-p); - out[q-p]='\0'; + q = p + strlen(p); + strncpy(out,p,size-1); + if (q-p >= size) + { + out[size-1]='\0'; + } + else + { + out[q-p]='\0'; + } } #else void program_name(char *in, char *out, int size)
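Review bot: In the added `strncpy(out,p,size-1);` and the `out[size-1]='\0';` branch, `size` is an `int` that is never checked for being positive. With `size` equal to 0, `size-1` is -1, which becomes a very large count when converted to the `size_t` that `strncpy` expects, and since `q-p >= size` is then always true the terminator is written at `out[-1]`. An early return when `size <= 0` at the top of the function would close that off. Separately, the copy now runs for up to `size-1` bytes regardless of where `q` points, so the extension after the last `.` is copied into `out` and only then cut off by the terminator. Computing the length once as the smaller of `q-p` and `size-1`, copying exactly that many bytes and writing the terminator at that index would remove the if/else and make the bound easier to audit. A short comment saying that `size` is the full buffer size including the terminating NUL would also help callers.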