Fix from testing

embhorn · embhorn · commit e67b85724e4a · 2025-10-13T12:57:47.000-05:00
diff --git a/src/x509.c b/src/x509.c
@@ -27,8 +27,6 @@
     #endif
 #else
 
-#pragma GCC diagnostic ignored "-Wformat-truncation"  
-
 #ifndef WOLFCRYPT_ONLY
 
 #ifndef NO_CERTS
@@ -1476,6 +1474,12 @@ static WOLFSSL_ASN1_STRING* wolfSSL_X509_EXTENSION_get_data_internal(
 
 
 #ifndef NO_BIO
+
+#ifndef MAX_INDENT
+    #define MAX_INDENT 40
+#endif
+
+
 /* Return 0 on success and 1 on failure. Copies ext data to bio, using indent
  *  to pad the output. flag is ignored. */
 int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
@@ -1490,6 +1494,9 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
     int tmpLen = 0;
     WOLFSSL_ENTER("wolfSSL_X509V3_EXT_print");
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     if ((out == NULL) || (ext == NULL)) {
         WOLFSSL_MSG("NULL parameter error");
         return rc;
@@ -6322,6 +6329,9 @@ static int X509PrintKeyUsage(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent)
         "Decipher Only"
     };
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     if (bio == NULL || x509 == NULL) {
         ret = WOLFSSL_FAILURE;
     }
@@ -6493,6 +6503,9 @@ static int X509PrintSerial(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent)
     unsigned char serial[32];
     int  sz = sizeof(serial);
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     XMEMSET(serial, 0, sz);
     if (wolfSSL_X509_get_serial_number(x509, serial, &sz) == WOLFSSL_SUCCESS) {
         X509PrintSerial_ex(bio, serial, sz, 1, indent);
@@ -6585,6 +6598,9 @@ static int X509PrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent)
     int  count, i;
     char* buf = NULL;
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     count = wolfSSL_X509_get_ext_count(x509);
     if (count <= 0)
         return WOLFSSL_SUCCESS;
@@ -6998,6 +7014,9 @@ static int X509PrintPubKey(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int indent)
     int len;
     int ret = WOLFSSL_SUCCESS;
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     if (bio == NULL || x509 == NULL)
         return BAD_FUNC_ARG;
 
@@ -7085,6 +7104,9 @@ static int X509PrintVersion(WOLFSSL_BIO* bio, int version, int indent)
     char scratch[MAX_WIDTH];
     int scratchLen;
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     scratchLen = XSNPRINTF(scratch, MAX_WIDTH, "%*s%s", indent, "", "Version:");
     if ((scratchLen < 0) || (scratchLen >= MAX_WIDTH)) {
         return WOLFSSL_FAILURE;
@@ -7118,6 +7140,9 @@ static int X509PrintReqAttributes(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
     int scratchLen;
     int i = 0;
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     if ((scratchLen = XSNPRINTF(scratch, MAX_WIDTH,
                                  "%*s%s", indent, "", "Attributes: \n"))
         >= MAX_WIDTH)
@@ -8865,6 +8890,9 @@ static int X509RevokedPrintSerial(WOLFSSL_BIO* bio, RevokedCert* rev,
     unsigned char serial[32];
     int  sz = sizeof(serial);
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     XMEMSET(serial, 0, sz);
     if (wolfSSL_X509_REVOKED_get_serial_number(rev, serial, &sz)
             == WOLFSSL_SUCCESS) {
@@ -8926,6 +8954,9 @@ static int X509CRLPrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509_CRL* crl,
     char tmp[MAX_WIDTH]; /* buffer for XSNPRINTF */
     int  ret = 0;
 
+    if (indent < 0) indent = 0;
+    if (indent > MAX_INDENT) indent = MAX_INDENT;
+
     if (XSNPRINTF(tmp, MAX_WIDTH, "%*s%s\n", indent, "",
                 "CRL extensions:") >= MAX_WIDTH) {
         ret = WOLFSSL_FAILURE;
