From: james Date: Sat, 19 Nov 2005 01:48:58 +0000 (+0000) Subject: Merged PKCS11 changes from Alon: X-Git-Tag: v2.1_rc1~78 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a89295751f2cf6dbd9005e6dedfe16a65967c97e;p=thirdparty%2Fopenvpn.git Merged PKCS11 changes from Alon: svn merge -r 813:814 $SO/contrib/alon/BETA21/openvpn . git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@816 e7ae566f-a301-0410-adde-c780ea21d3b5 --- diff --git a/pkcs11-helper.c b/pkcs11-helper.c index a5c4b1502..06e79d326 100644 --- a/pkcs11-helper.c +++ b/pkcs11-helper.c @@ -302,7 +302,9 @@ _hexToBinary ( if ((i%2) == 1) { unsigned v; - sscanf (buf, "%x", &v); + if (sscanf (buf, "%x", &v) != 1) { + v = 0; + } target[*target_size] = v & 0xff; (*target_size)++; } @@ -374,6 +376,7 @@ _isBetterCertificate ( if ( notBeforeCurrent != NULL && notBeforeNew != NULL && + X509_cmp_current_time (notBeforeNew) > 0 && notBeforeCurrent->length < (int) sizeof (szNotBeforeCurrent) - 1 && notBeforeNew->length < (int) sizeof (szNotBeforeNew) - 1 ) { @@ -439,7 +442,9 @@ _pkcs11h_getSlotById ( slot_number = atoi (szSlot); } else { - sscanf (szSlot, "%d:%d", &provider_number, &slot_number); + if (sscanf (szSlot, "%d:%d", &provider_number, &slot_number) != 2) { + rv = CKR_FUNCTION_FAILED; + } } } @@ -753,10 +758,10 @@ _pkcs11h_getSession ( if (rv == CKR_SLOT_ID_INVALID) { char szLabel[1024]; strcpy (szLabel, "SLOT("); - strncat (szLabel, szSlotType, sizeof (szLabel)-1); - strncat (szLabel, "=", sizeof (szLabel)-1); - strncat (szLabel, szSlot, sizeof (szLabel)-1); - strncat (szLabel, ")", sizeof (szLabel)-1); + strncat (szLabel, szSlotType, sizeof (szLabel)-1-strlen (szLabel)); + strncat (szLabel, "=", sizeof (szLabel)-1-strlen (szLabel)); + strncat (szLabel, szSlot, sizeof (szLabel)-1-strlen (szLabel)); + strncat (szLabel, ")", sizeof (szLabel)-1-strlen (szLabel)); szLabel[sizeof (szLabel)-1] = 0; PKCS11DLOG ( PKCS11_LOG_DEBUG1,