From: Pauli
Date: Mon, 28 Jun 2021 22:26:11 +0000 (+1000)
Subject: evp: fix coverity 1473380 Copy into fixed size buffer (STRING_OVERFLOW)
X-Git-Tag: openssl-3.0.0-beta2~148
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5e56f4587de2f2e06c079272fa4d6712d56dbcf0;p=thirdparty%2Fopenssl.git
evp: fix coverity 1473380 Copy into fixed size buffer (STRING_OVERFLOW)
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15943)
---
diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
index 6998dcc6fc1..c532e57f8f6 100644
--- a/crypto/evp/ctrl_params_translate.c
+++ b/crypto/evp/ctrl_params_translate.c
@@ -1353,7 +1353,9 @@ static int fix_rsa_pss_saltlen(enum state state,
 if (i == OSSL_NELEM(str_value_map)) {
 BIO_snprintf(ctx->name_buf, sizeof(ctx->name_buf), "%d", ctx->p1);
 } else {
- strcpy(ctx->name_buf, str_value_map[i].ptr);
+ strncpy(ctx->name_buf, str_value_map[i].ptr, sizeof(ctx->name_buf));
+ /* This won't truncate but it will quiet static analysers */
+ ctx->name_buf[sizeof(ctx->name_buf) - 1] = '\0';
 }
 ctx->p2 = ctx->name_buf;
 ctx->p1 = strlen(ctx->p2);
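Review bot: The `strncpy` plus manual terminator in the `else` branch relies on the comment's claim that `str_value_map[i].ptr` always fits in `ctx->name_buf`, but nothing in the hunk enforces it, so a longer map entry added later would be silently truncated and then passed on through `ctx->p2` and `ctx->p1`. `OPENSSL_strlcpy` always terminates, does not zero-pad the rest of the buffer, and returns the source length, so truncation can be detected instead of assumed away. The three added lines could become `if (OPENSSL_strlcpy(ctx->name_buf, str_value_map[i].ptr, sizeof(ctx->name_buf)) >= sizeof(ctx->name_buf)) return 0;`, assuming 0 is this function's failure return, which is not visible here. The declarations of `name_buf` and `str_value_map` are outside the hunk, and `fix_rsa_pss_saltlen` itself starts and ends outside it.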