Skip to content

Commit

Permalink
crypto: fix fingerprint string size calculation
Browse files Browse the repository at this point in the history
The function generating fingerprint strings never accesses more than
EVP_MAX_MD_SIZE * 3 characters, including the terminating '\0'.

PR-URL: #42175
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
tniessen authored and danielleadams committed Apr 24, 2022
1 parent c56e15a commit 7f43f94
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/crypto/crypto_common.cc
Original file line number Diff line number Diff line change
Expand Up @@ -417,7 +417,7 @@ MaybeLocal<Object> GetLastIssuedCert(
void AddFingerprintDigest(
const unsigned char* md,
unsigned int md_size,
char fingerprint[3 * EVP_MAX_MD_SIZE + 1]) {
char fingerprint[3 * EVP_MAX_MD_SIZE]) {
unsigned int i;
const char hex[] = "0123456789ABCDEF";

Expand Down Expand Up @@ -567,7 +567,7 @@ MaybeLocal<Value> GetFingerprintDigest(
X509* cert) {
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int md_size;
char fingerprint[EVP_MAX_MD_SIZE * 3 + 1];
char fingerprint[EVP_MAX_MD_SIZE * 3];

if (X509_digest(cert, method, md, &md_size)) {
AddFingerprintDigest(md, md_size, fingerprint);
Expand Down

0 comments on commit 7f43f94

Please sign in to comment.