para_decrypt_challenge(): write terminating 0 byte
authorAndre <maan@p133.(none)>
Wed, 12 Jul 2006 17:39:31 +0000 (19:39 +0200)
committerAndre <maan@p133.(none)>
Wed, 12 Jul 2006 17:39:31 +0000 (19:39 +0200)
As we do a sscanf() on the buffer. Noted by valgrind.

crypt.c

diff --git a/crypt.c b/crypt.c
index 34407d7..653b1a2 100644 (file)
--- a/crypt.c
+++ b/crypt.c
@@ -100,12 +100,14 @@ int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *in
 int para_decrypt_challenge(char *key_file, long unsigned *challenge_nr,
                unsigned char *inbuf, int rsa_inlen)
 {
-       unsigned char *rsa_out = OPENSSL_malloc(128);
+       unsigned char *rsa_out = OPENSSL_malloc(rsa_inlen + 1);
        int ret = para_decrypt_buffer(key_file, rsa_out, inbuf, rsa_inlen);
 
-       if (ret >= 0)
+       if (ret >= 0) {
+               rsa_out[ret] = '\0';
                ret = sscanf((char *)rsa_out, "%lu", challenge_nr) == 1?
                        1 : -E_CHALLENGE;
+       }
        OPENSSL_free(rsa_out);
        return ret;
 }