Mercurial > pidgin

diff src/cipher.c @ 12388:4e045668b9d0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[gaim-migrate @ 14694] Smashing the stack is neither fun nor profitable! Having room for the NUL terminator is a good idea. committer: Tailor Script <tailor@pidgin.im>
author Richard Laager <rlaager@wiktel.com>
date Wed, 07 Dec 2005 10:38:52 +0000
parents cfc808463763
children e024601d45c7
line wrap: on
line diff
--- a/src/cipher.c	Wed Dec 07 09:16:25 2005 +0000
+++ b/src/cipher.c	Wed Dec 07 10:38:52 2005 +0000
@@ -1635,7 +1635,8 @@
 	if(!gaim_cipher_context_digest(context, sizeof(digest), digest, &dlen))
 		return FALSE;
 
-	if(in_len < dlen * 2)
+	/* in_len must be greater than dlen * 2 so we have room for the NUL. */
+	if(in_len <= dlen * 2)
 		return FALSE;
 
 	for(n = 0; n < dlen; n++)
@@ -1791,7 +1792,7 @@
 {
 	GaimCipher *cipher;
 	GaimCipherContext *context;
-	gchar hash[32]; /* We only support MD5. */
+	gchar hash[33]; /* We only support MD5. */
 
 	g_return_val_if_fail(username != NULL, NULL);
 	g_return_val_if_fail(realm    != NULL, NULL);
@@ -1857,7 +1858,7 @@
 {
 	GaimCipher *cipher;
 	GaimCipherContext *context;
-	gchar hash2[32]; /* We only support MD5. */
+	static gchar hash2[33]; /* We only support MD5. */
 
 	g_return_val_if_fail(method      != NULL, NULL);
 	g_return_val_if_fail(digest_uri  != NULL, NULL);