gpg: Fix buffer overflow.
authorNeal H. Walfield <neal@g10code.com>
Fri, 11 Dec 2015 13:40:23 +0000 (14:40 +0100)
committerNeal H. Walfield <neal@g10code.com>
Fri, 11 Dec 2015 13:41:34 +0000 (14:41 +0100)
* g10/keydb.c (keydb_search_desc_dump): Fix buffer overflow.

--
Signed-off-by: Neal H. Walfield <neal@walfield.org>
Regression-due-to: 11ec478

Note: this buffer overflow will only occur if --debug=lookup is passed
to gpg and a search by fingerprint is done.

g10/keydb.c

index 97dfb5f..d7c35de 100644 (file)
@@ -470,7 +470,7 @@ char *
 keydb_search_desc_dump (struct keydb_search_desc *desc)
 {
   char b[MAX_FORMATTED_FINGERPRINT_LEN + 1];
-  char fpr[MAX_FINGERPRINT_LEN + 1];
+  char fpr[2 * MAX_FINGERPRINT_LEN + 1];
 
   switch (desc->mode)
     {