Subject: ssl: fix source and destination overlap in strcpy

Use memmove instead...

AG add explanation for union name[] member length.

Signed-off-by: Petar Paradzik <petar.paradzik@sartura.hr>

lib/libwebsockets.h

@@ -5441,7 +5441,19 @@ union lws_tls_cert_info_results {
 	unsigned int usage;
 	struct {
 		int len;
-		char name[64]; /* KEEP LAST... name[] not allowed in union */
+		/* KEEP LAST... notice the [64] is only there because
+		 * name[] is not allowed in a union.  The actual length of
+		 * name[] is arbitrary and is passed into the api using the
+		 * len parameter.  Eg
+		 *
+		 * char big[1024];
+		 * union lws_tls_cert_info_results *buf =
+		 * 	(union lws_tls_cert_info_results *)big;
+		 *
+		 * lws_tls_peer_cert_info(wsi, type, buf,
+		 * 			  sizeof(big) - sizeof(*buf) + 64);
+		 */
+		char name[64];
 	} ns;
 };
 

lib/tls/openssl/ssl.c

@@ -552,10 +552,10 @@ lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
 		xn = X509_get_subject_name(x509);
 		if (!xn)
 			return -1;
-		X509_NAME_oneline(xn, buf->ns.name, (int)len - 1);
+		X509_NAME_oneline(xn, buf->ns.name, (int)len - 2);
 		p = strstr(buf->ns.name, "/CN=");
 		if (p)
-			strcpy(buf->ns.name, p + 4);
+			memmove(buf->ns.name, p + 4, strlen(p + 4) + 1);
 		buf->ns.len = (int)strlen(buf->ns.name);
 		return 0;