summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSzczepan Zalega <szczepan@nitrokey.com>2018-02-12 09:40:00 +0100
committerSzczepan Zalega <szczepan@nitrokey.com>2018-02-12 09:40:00 +0100
commit096dabe54a0026bcdeaffe2164c69e87c67d1c33 (patch)
tree018bd5f0ab3fe6d2ffb00a51454a352694e5da9a
parente2e009d7d55b75da4537b1fbecb6759c0aabb63c (diff)
parent0c4f00c6198246a2fe543cabdc3da3629a835cbe (diff)
downloadlibnitrokey-096dabe54a0026bcdeaffe2164c69e87c67d1c33.tar.gz
libnitrokey-096dabe54a0026bcdeaffe2164c69e87c67d1c33.tar.bz2
Merge branch 'pr_96'
Changes in hex_string_to_byte - it could produce invalid results depending on value from byte after the buffer. Used in: write_HOTP_slot_authorize write_OTP_slot_no_authorize write_TOTP_slot_authorize Closes #96
-rw-r--r--misc.cc9
1 files changed, 5 insertions, 4 deletions
diff --git a/misc.cc b/misc.cc
index 7a54a94..59185f3 100644
--- a/misc.cc
+++ b/misc.cc
@@ -34,16 +34,17 @@ namespace misc {
::std::vector<uint8_t> hex_string_to_byte(const char* hexString){
- const size_t big_string_size = 256; //arbitrary 'big' number
- const size_t s_size = strlen(hexString);
+ const size_t big_string_size = 257; //arbitrary 'big' number
+ const size_t s_size = strnlen(hexString, big_string_size);
const size_t d_size = s_size/2;
- if (s_size%2!=0 || s_size>big_string_size){
+ if (s_size%2!=0 || s_size>=big_string_size){
throw InvalidHexString(0);
}
auto data = ::std::vector<uint8_t>();
data.reserve(d_size);
- char buf[2];
+ char buf[3];
+ buf[2] = '\0';
for(size_t i=0; i<s_size; i++){
char c = hexString[i];