Skip to content

Commit

Permalink
Fixed buffer overflow in Utils::Md5::hexdigest()
Browse files Browse the repository at this point in the history 
Found via failed test (auditlog.json) on Alpine Linux 3.8.2.
  • Loading branch information
@defanator @zimmerle
defanator authored and zimmerle committed Jan 14, 2019
1 parent 3c1fba2 commit ae02076
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/utils/md5.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ std::string Md5::hexdigest(std::string& input) {
mbedtls_md5(reinterpret_cast<const unsigned char *>(input.c_str()),
input.size(), digest);

char buf[32];
char buf[33];
for (int i = 0; i < 16; i++) {
sprintf(buf+i*2, "%02x", digest[i]);
}
Expand Down

0 comments on commit ae02076

Please sign in to comment.