Blame mail-notification-5.4-prevent-stack-overflow-in-verify-ssl-certificate-function.patch
|
|
1a08be0 |
--- src/mn-client-session.c.orig 2012-04-05 16:13:12.078530159 +0200
|
|
|
1a08be0 |
+++ src/mn-client-session.c 2012-04-05 16:18:30.823859820 +0200
|
|
|
1a08be0 |
@@ -679,7 +679,7 @@
|
|
|
1a08be0 |
else
|
|
|
1a08be0 |
{
|
|
|
1a08be0 |
unsigned char md5sum[16];
|
|
|
1a08be0 |
- unsigned char fingerprint[40];
|
|
|
1a08be0 |
+ unsigned char fingerprint[49];
|
|
|
1a08be0 |
int md5len;
|
|
|
1a08be0 |
int i;
|
|
|
1a08be0 |
unsigned char *f;
|
|
|
1a08be0 |
@@ -687,6 +687,7 @@
|
|
|
1a08be0 |
/* calculate the MD5 hash of the raw certificate */
|
|
|
1a08be0 |
md5len = sizeof(md5sum);
|
|
|
1a08be0 |
X509_digest(cert, EVP_md5(), md5sum, &md5len);
|
|
|
1a08be0 |
+ memset(fingerprint, 0, sizeof(fingerprint));
|
|
|
1a08be0 |
for (i = 0, f = fingerprint; i < 16; i++, f += 3)
|
|
|
1a08be0 |
sprintf(f, "%.2x%c", md5sum[i], i != 15 ? ':' : '\0');
|
|
|
1a08be0 |
|