> From: owner-openssl-us...@openssl.org On Behalf Of Ger Hobbelt
> Sent: Wednesday, 10 December, 2008 18:53

> few nitpicks on the code:
> 
> > int
> > bin2hex (unsigned char *pcIbuf, unsigned char *pszObuf, unsigned int ilen)
> > {
> >  unsigned int  i;                      // loop iteration counter
> >  unsigned int  j = (ilen * 2) + 1;     // output buffer length
> >  unsigned char *p;
> >
> >  p = pszObuf;          // point to start of output buffer
> 
> ^^^ given that you allow a MAXBUF input size, the worst case hexdump
> output is 2*MAXBUF+1 which will overflow your obuf[] array, i.e.
> corrupt stack.
> 
> >  for (i = 0; i < ilen; i++) {
> >    sprintf_s (p, j, "%2.2x", (unsigned char) pcIbuf [i]);
> 
> You may try %02x as a format string instead; IIRC %2.2x does pad small
> numbers with space instead of 0

Not on most machines. %2x pads with space. %02x pads with 0. 
%2.2x generates "at least" two digits, and doesn't pad at all; that's 
equivalent to padding to 2 with 0, except on machines with bytes larger 
than 8 bits and actually containing values >255, which C formally 
allows but on which most modern crypto code (heck, most modern code 
of many types) probably won't work right anyway.

Also, for sprintf_s to be of any value, he needs to decrement j-=2 
each iteration along with p+=2. Alternatively just use sprintf 
and ignore the fraudulent and megalomaniacal Microsoft warnings.



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
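
Added example, not part of the original thread or the original poster's code: a bounded hex encoder that checks the 2*ilen+1 worst case before writing and shrinks the size bound as the output pointer advances, plus a helper comparing the three format strings discussed. Standard `snprintf` is used in place of Microsoft's `sprintf_s`; the names `bin2hex_bounded` and `fmt_byte` and the sample bytes are constructed for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Hex-encode ilen bytes of in into out, which holds olen bytes.
 * Returns the number of hex digits written, or -1 if out is too small. */
int bin2hex_bounded(const unsigned char *in, size_t ilen, char *out, size_t olen)
{
    char *p = out;
    size_t remaining = olen;            /* space left at p, not the total */

    if (out == NULL || olen == 0)
        return -1;
    out[0] = '\0';
    /* Need 2*ilen + 1 bytes; phrased as a division so 2*ilen cannot wrap. */
    if (ilen > (olen - 1) / 2 || ilen > INT_MAX / 2)
        return -1;
    for (size_t i = 0; i < ilen; i++) {
        /* snprintf stands in for sprintf_s; the bound shrinks as p advances. */
        int n = snprintf(p, remaining, "%02x", (unsigned int)in[i]);
        if (n != 2 || (size_t)n >= remaining)
            return -1;
        p += n;
        remaining -= (size_t)n;
    }
    return (int)(p - out);
}

/* Format v with one of the three conversions discussed in the thread:
 * kind 0 = "%2x", kind 1 = "%02x", kind 2 = "%2.2x". */
char *fmt_byte(int kind, unsigned int v, char *out, size_t n)
{
    if (kind == 0)      snprintf(out, n, "%2x", v);
    else if (kind == 1) snprintf(out, n, "%02x", v);
    else                snprintf(out, n, "%2.2x", v);
    return out;
}

int main(void)
{
    const unsigned char sample[] = { 0x00, 0x0a, 0xff, 0x7b };  /* constructed input */
    char hex[2 * sizeof sample + 1], a[8], b[8], c[8];

    if (bin2hex_bounded(sample, sizeof sample, hex, sizeof hex) < 0)
        return 1;
    printf("%s [%s] [%s] [%s]\n", hex, fmt_byte(0, 0x0a, a, sizeof a),
           fmt_byte(1, 0x0a, b, sizeof b), fmt_byte(2, 0x0a, c, sizeof c));
    return 0;
}
```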
