===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/openssl/certhash.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -c -r1.18 -r1.19
*** src/usr.bin/openssl/certhash.c	2021/08/28 08:16:39	1.18
--- src/usr.bin/openssl/certhash.c	2021/10/23 08:13:48	1.19
***************
*** 1,4 ****
! /*	$OpenBSD: certhash.c,v 1.18 2021/08/28 08:16:39 tb Exp $ */
  /*
   * Copyright (c) 2014, 2015 Joel Sing <jsing@openbsd.org>
   *
--- 1,4 ----
! /*	$OpenBSD: certhash.c,v 1.19 2021/10/23 08:13:48 tb Exp $ */
  /*
   * Copyright (c) 2014, 2015 Joel Sing <jsing@openbsd.org>
   *
***************
*** 488,493 ****
--- 488,497 ----
  	n = readlink(dep->d_name, target, sizeof(target) - 1);
  	if (n == -1) {
  		fprintf(stderr, "failed to readlink %s\n", dep->d_name);
+ 		return (-1);
+ 	}
+ 	if (n >= sizeof(target) - 1) {
+ 		fprintf(stderr, "symbolic link is too long %s\n", dep->d_name);
  		return (-1);
  	}
  	target[n] = '\0';