From ade45974506ffedcd057f336fbcf71941d77b09c Mon Sep 17 00:00:00 2001 From: Andre Date: Wed, 12 Jul 2006 19:39:31 +0200 Subject: [PATCH] para_decrypt_challenge(): write terminating 0 byte As we do a sscanf() on the buffer. Noted by valgrind. --- crypt.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/crypt.c b/crypt.c index 34407d78..653b1a24 100644 --- a/crypt.c +++ b/crypt.c @@ -100,12 +100,14 @@ int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *in int para_decrypt_challenge(char *key_file, long unsigned *challenge_nr, unsigned char *inbuf, int rsa_inlen) { - unsigned char *rsa_out = OPENSSL_malloc(128); + unsigned char *rsa_out = OPENSSL_malloc(rsa_inlen + 1); int ret = para_decrypt_buffer(key_file, rsa_out, inbuf, rsa_inlen); - if (ret >= 0) + if (ret >= 0) { + rsa_out[ret] = '\0'; ret = sscanf((char *)rsa_out, "%lu", challenge_nr) == 1? 1 : -E_CHALLENGE; + } OPENSSL_free(rsa_out); return ret; } -- 2.39.5