Mirrors/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-12-28 07:50:41 +00:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity

crypto: fix fingerprint string size calculation

Browse Source 
The function generating fingerprint strings never accesses more than
EVP_MAX_MD_SIZE * 3 characters, including the terminating '\0'.

PR-URL: https://github.com/nodejs/node/pull/42175
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Tobias Nießen 2022-03-07 23:42:22 +01:00 committed by GitHub
parent 24487befb7
commit 3dcab2b30a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/crypto/crypto_common.cc
View File

@ -421,7 +421,7 @@ MaybeLocal<Object> GetLastIssuedCert(
void AddFingerprintDigest(
const unsigned char* md,
unsigned int md_size,
char fingerprint[3 * EVP_MAX_MD_SIZE + 1]) {
char fingerprint[3 * EVP_MAX_MD_SIZE]) {
unsigned int i;
const char hex[] = "0123456789ABCDEF";
@ -571,7 +571,7 @@ MaybeLocal<Value> GetFingerprintDigest(
X509* cert) {
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int md_size;
char fingerprint[EVP_MAX_MD_SIZE * 3 + 1];
char fingerprint[EVP_MAX_MD_SIZE * 3];
if (X509_digest(cert, method, md, &md_size)) {
AddFingerprintDigest(md, md_size, fingerprint);