cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3d382c24c5
openbsd-ports/net/dctc/patches/patch-src_md_c
avsm 6ac43a4335 fix md5 display, bug introduced in our security patches by taking 
sizeof(pointer) into a bound string
feedback from krw@, naddy@ ok
2003-09-01 16:51:39 +00:00

20 lines
764 B
Plaintext
Raw Blame History

$OpenBSD: patch-src_md_c,v 1.2 2003/09/01 16:51:39 avsm Exp $
--- src/md.c.orig 2002-01-05 03:47:34.000000000 -0500
+++ src/md.c 2003-08-30 22:31:22.000000000 -0400
@@ -216,13 +216,13 @@ void md5_process_block (const void *buff
/****************************************************/
/* convert the given md5sum into a printable string */
/****************************************************/
-void md5tostr(const unsigned char md5sum[MD5SUMLEN],char str[3*MD5SUMLEN+1])
+void md5tostr(const unsigned char md5sum[MD5SUMLEN],char str[3*MD5SUMLEN+1], size_t len)
{
int i;
for(i=0;i<MD5SUMLEN;i++)
{
unsigned int v=md5sum[i];
- sprintf(str+3*i,"%1u%1u%1u",v/100,(v%100)/10,v%10);
+ snprintf(str+3*i,len-3*i,"%1u%1u%1u",v/100,(v%100)/10,v%10);
}
}
Reference in New Issue View Git Blame Copy Permalink