On Fri, 7 Sep 2007 17:35:16 +0200 Charles Longeau <[EMAIL PROTECTED]> wrote:
> Hi, > > In this patch, I've tried to spot fgets calls which return value was > not checked. > > Also, there's no need to remove 1 byte in the given buffer size (for > the last NUL char I guess), fgets already deals with that. > > Best regards, > > Charles Longeau > > @@ -362,7 +363,7 @@ int des_read_pw(char *buf, char *buff, i > fflush(stderr); > > buf[0]='\0'; > - fgets(buf,size,tty); > + if (fgets(buf,size,tty) == NULL) goto err; didn't you mean s/err/error ? > @@ -373,7 +374,7 @@ int des_read_pw(char *buf, char *buff, i > fprintf(stderr,"\nVerifying password - > %s",prompt); fflush(stderr); > buff[0]='\0'; > - fgets(buff,size,tty); > + if (fgets(buf,size,tty) == NULL) goto err; > if (feof(tty)) goto error; ditto. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
