Skip to content

Commit

Permalink
crypto: fix fingerprint string size calculation
Browse files Browse the repository at this point in the history
The function generating fingerprint strings never accesses more than
EVP_MAX_MD_SIZE * 3 characters, including the terminating '\0'.

PR-URL: nodejs#42175
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
tniessen authored and xtx1130 committed Apr 25, 2022
1 parent 49a9c2c commit 193b2e7
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/crypto/crypto_common.cc
Original file line number Diff line number Diff line change
Expand Up @@ -421,7 +421,7 @@ MaybeLocal<Object> GetLastIssuedCert(
void AddFingerprintDigest(
const unsigned char* md,
unsigned int md_size,
char fingerprint[3 * EVP_MAX_MD_SIZE + 1]) {
char fingerprint[3 * EVP_MAX_MD_SIZE]) {
unsigned int i;
const char hex[] = "0123456789ABCDEF";

Expand Down Expand Up @@ -571,7 +571,7 @@ MaybeLocal<Value> GetFingerprintDigest(
X509* cert) {
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int md_size;
char fingerprint[EVP_MAX_MD_SIZE * 3 + 1];
char fingerprint[EVP_MAX_MD_SIZE * 3];

if (X509_digest(cert, method, md, &md_size)) {
AddFingerprintDigest(md, md_size, fingerprint);
Expand Down

0 comments on commit 193b2e7

Please sign in to comment.