From 7f43f94304502ce1d1e36f7382bea80a7d27a8bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?=
Date: Mon, 7 Mar 2022 23:42:22 +0100
Subject: [PATCH] crypto: fix fingerprint string size calculation

The function generating fingerprint strings never accesses more than EVP_MAX_MD_SIZE * 3 characters, including the terminating '\0'.

PR-URL: https://github.com/nodejs/node/pull/42175
Reviewed-By: Darshan Sen
Reviewed-By: James M Snell
---
 src/crypto/crypto_common.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/crypto/crypto_common.cc b/src/crypto/crypto_common.cc
index 372a3f147b0795..a5aa39c23c1708 100644
--- a/src/crypto/crypto_common.cc
+++ b/src/crypto/crypto_common.cc
@@ -417,7 +417,7 @@ MaybeLocal GetLastIssuedCert(
 void AddFingerprintDigest(
 const unsigned char* md,
 unsigned int md_size,
- char fingerprint[3 * EVP_MAX_MD_SIZE + 1]) {
+ char fingerprint[3 * EVP_MAX_MD_SIZE]) {
 unsigned int i;
 const char hex[] = "0123456789ABCDEF";
@@ -567,7 +567,7 @@ MaybeLocal GetFingerprintDigest(
 X509* cert) {
 unsigned char md[EVP_MAX_MD_SIZE];
 unsigned int md_size;
- char fingerprint[EVP_MAX_MD_SIZE * 3 + 1];
+ char fingerprint[EVP_MAX_MD_SIZE * 3];
 if (X509_digest(cert, method, md, &md_size)) {
 AddFingerprintDigest(md, md_size, fingerprint);
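Review bot: Declaring the parameter as `char fingerprint[3 * EVP_MAX_MD_SIZE]` does not make the compiler enforce that bound, because an array parameter is adjusted to `char*`, and with the spare byte removed nothing visible in this hunk checks `md_size` against `EVP_MAX_MD_SIZE`. The commit message's claim holds only if the body, which lies outside this hunk, places the terminating '\0' inside the last three-character group rather than after it; a digest length above the maximum would write past the caller's stack buffer. I would add `CHECK_LE(md_size, EVP_MAX_MD_SIZE);` at the top of AddFingerprintDigest. A one-line comment stating the layout would also help, for example `// Writes at most 3 * md_size bytes, including the terminating '\0'.`, to be confirmed against the loop.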
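Review bot: The buffer length `EVP_MAX_MD_SIZE * 3` in GetFingerprintDigest and the `3 * EVP_MAX_MD_SIZE` in AddFingerprintDigest's signature are two hand-written copies of the same size, and this commit shows they have to be edited in lockstep. A shared constant would keep caller and callee from drifting now that there is no slack byte, e.g. `constexpr size_t kFingerprintSize = 3 * EVP_MAX_MD_SIZE;` (the name is only a suggestion) used in both declarations. GetFingerprintDigest continues past the end of this hunk, so how `fingerprint` is consumed after the call, presumably as a NUL-terminated string, is not visible here.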