From ea52d52754d58edac81bfb10fc4c59fcc8b59935 Mon Sep 17 00:00:00 2001
From: Dimitri Staessens
Date: Sun, 18 Jan 2026 16:48:37 +0100
Subject: lib: Fix getting text certificates
The openssl_crt_str function was using BIO_get_mem_data() but this is not guaranteed to be NULL-terminated, causing buffer overruns. This was the root cause of ASan tests with certificates running for minutes and eventually getting killed on the CI/CD pipeline:
Start 1: lib/auth_test
1/26 Test #1: lib/auth_test ......................***Skipped 312.75 sec
Start 16: irmd/oap/oap_test
16/26 Test #16: irmd/oap/oap_test ..................***Skipped 345.87 sec
Signed-off-by: Dimitri Staessens
Signed-off-by: Sander Vrijders
---
 src/lib/crypt/openssl.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
(limited to 'src/lib/crypt')
diff --git a/src/lib/crypt/openssl.c b/src/lib/crypt/openssl.c
index 638da209..bd3f1239 100644
--- a/src/lib/crypt/openssl.c
+++ b/src/lib/crypt/openssl.c
@@ -1450,9 +1450,10 @@ int openssl_get_crt_name(void * crt,
 int openssl_crt_str(const void * crt,
 char * str)
 {
- BIO * bio;
- X509 * xcrt;
- char * p;
+ BIO * bio;
+ X509 * xcrt;
+ char * p;
+ ssize_t len;
 xcrt = (X509 *) crt;
@@ -1462,11 +1463,12 @@ int openssl_crt_str(const void * crt,
 X509_print(bio, xcrt);
- BIO_get_mem_data(bio, &p);
- if (p == NULL)
+ len = (ssize_t) BIO_get_mem_data(bio, &p);
+ if (len <= 0 || p == NULL)
 goto fail_p;
- sprintf(str, "%s", p);
+ memcpy(str, p, len);
+ str[len] = '\0';
 BIO_free(bio);
--
cgit v1.2.3
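Review bot: The `memcpy(str, p, len);` / `str[len] = '\0';` pair in the second hunk bounds the read from the BIO, but it still writes `len + 1` bytes into `str`, whose capacity openssl_crt_str never receives. The length of X509_print output depends on the certificate's contents, so the text may be larger than the buffer the callers provide; the callers are outside this diff, so that size cannot be confirmed here. Because the signature has no length parameter, the function should reject oversized output before copying, e.g. `if ((size_t) len >= CRT_STR_BUFSZ) goto fail_p;`, where `CRT_STR_BUFSZ` is a placeholder for the buffer size callers are required to supply, and that requirement should be stated in a comment above the function. The function body starts and ends outside the hunk, so the `fail_p` cleanup path is not visible.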