Prevent stack overflow in the verify_ssl_certificate function

Fixed a stack overflow which occurred while verifying SSL certificates for POP3 and IMAP mailboxes

Patch by Erik van Pienbroek
https://bugzilla.redhat.com/show_bug.cgi?id=810054
http://pkgs.fedoraproject.org/cgit/mail-notification.git/commit/?id=1a08be0877a4d56011f16d1e00b8ca0bbd9e0f53
1 parent 0914a6c commit a9d25d641509f898e26cc33afe274ecb86e36905 @epienbroek committed Aug 21, 2012
Showing with 2 additions and 1 deletion.
  1. +2 −1 src/mn-client-session.c
3 src/mn-client-session.c
@@ -679,14 +679,15 @@ verify_ssl_certificate (MNClientSession *session)
else
{
unsigned char md5sum[16];
- unsigned char fingerprint[40];
+ unsigned char fingerprint[49];
int md5len;
int i;
unsigned char *f;
/* calculate the MD5 hash of the raw certificate */
md5len = sizeof(md5sum);
X509_digest(cert, EVP_md5(), md5sum, &md5len);
+ memset(fingerprint, 0, sizeof(fingerprint));
for (i = 0, f = fingerprint; i < 16; i++, f += 3)
sprintf(f, "%.2x%c", md5sum[i], i != 15 ? ':' : '\0');
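
Review bot: the new size in `unsigned char fingerprint[49];` is a hand-counted constant and the `sprintf` in the loop below it is still unbounded, so the buffer size and the loop can drift apart again. The loop advances `f` by 3 for 16 iterations, and the last `sprintf` writes two hex digits, the `'\0'` passed for `%c`, and its own terminator, which comes to 49 bytes: exactly enough, with no slack. Suggest deriving the size from the digest buffer, e.g. `fingerprint[sizeof(md5sum) * 3 + 1]`, bounding the loop by `sizeof(md5sum)` instead of the literals 16 and 15, and switching to `snprintf` with the space remaining after `f`. The added `memset` is not needed for termination, since every `sprintf` call terminates what it writes; keep it only if a zeroed buffer is wanted for other reasons. Separately, in the context lines, `md5len` is declared `int` but passed as `&md5len` to `X509_digest`, which takes an `unsigned int *`, and the call's return value is not checked before `md5sum` is formatted.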
