I thing the code in openssl-0.9.4/crypto/asn1/t_req.c, line 190,
supplies a superfluous nul termination.
Please check that this really is so, as I do not know what the meaning
of bs->length field is. The bug could also be where the length field
is set. In my program bs is set to t->value.bit_string (around line
181), which comes from who knows where. If you want I can track this
further.
--Sampo
diff -c t_req.c.orig t_req.c
*** t_req.c~ Sat May 1 18:29:51 1999
--- t_req.c Fri Oct 1 12:26:12 1999
***************
*** 188,195 ****
(type == V_ASN1_T61STRING) ||
(type == V_ASN1_IA5STRING))
{
! if (BIO_write(bp,(char *)bs->data,bs->length)
! != bs->length)
goto err;
BIO_puts(bp,"\n");
}
--- 188,195 ----
(type == V_ASN1_T61STRING) ||
(type == V_ASN1_IA5STRING))
{
! if (BIO_write(bp,(char *)bs->data,bs->length-1)
! != bs->length-1) /* -1 is to exclude \0
termination */
goto err;
BIO_puts(bp,"\n");
}
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
