Mercurial > hg > octave-nkf
changeset 11293:202bd0f1863d
oct_md5_result_to_str: avoid buffer overrun; replace loop with single call to sprintf
author | John W. Eaton <jwe@octave.org> |
---|---|
date | Tue, 23 Nov 2010 03:11:32 -0500 |
parents | 231e6d1b57d6 |
children | e2a4f3478b7c |
files | liboctave/ChangeLog liboctave/oct-md5.cc |
diffstat | 2 files changed, 11 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/liboctave/ChangeLog +++ b/liboctave/ChangeLog @@ -1,3 +1,8 @@ +2010-11-23 John W. Eaton <jwe@octave.org> + + * oct-md5.cc (oct_md5_result_to_str): Avoid buffer overrun in + call to sprintf. Replace loop with a single call to sprintf. + 2010-11-23 John W. Eaton <jwe@octave.org> * oct-md5.cc (oct_md5_file): Close file after reading.
--- a/liboctave/oct-md5.cc +++ b/liboctave/oct-md5.cc @@ -36,10 +36,13 @@ static std::string oct_md5_result_to_str (const unsigned char *buf) { - char tmp [32]; + char tmp [33]; - for (octave_idx_type i = 0; i < 16; i++) - sprintf (&tmp[2*i], "%02x", buf[i]); + sprintf (tmp, + "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + buf[0], buf[1], buf[2], buf[3], buf[4], buf[5], buf[6], buf[7], + buf[8], buf[9], buf[10], buf[11], buf[12], buf[13], buf[14], + buf[15]); return std::string (tmp, 32); }