From 2ab5c453e374d559592b4ae1f230d12ccc7d3b17 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Tue, 1 Mar 2022 20:04:40 +0000
Subject: [PATCH] crypto: fix fingerprint string size calculation

The function generating fingerprint strings never accesses more than
EVP_MAX_MD_SIZE * 3 characters, including the terminating '\0'.
---
 src/crypto/crypto_common.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/crypto/crypto_common.cc b/src/crypto/crypto_common.cc
index 2739b84d6c71d4..57ab74f6168396 100644
--- a/src/crypto/crypto_common.cc
+++ b/src/crypto/crypto_common.cc
@@ -421,7 +421,7 @@ MaybeLocal<Object> GetLastIssuedCert(
 void AddFingerprintDigest(
     const unsigned char* md,
     unsigned int md_size,
-    char fingerprint[3 * EVP_MAX_MD_SIZE + 1]) {
+    char fingerprint[3 * EVP_MAX_MD_SIZE]) {
   unsigned int i;
   const char hex[] = "0123456789ABCDEF";
 
@@ -571,7 +571,7 @@ MaybeLocal<Value> GetFingerprintDigest(
     X509* cert) {
   unsigned char md[EVP_MAX_MD_SIZE];
   unsigned int md_size;
-  char fingerprint[EVP_MAX_MD_SIZE * 3 + 1];
+  char fingerprint[EVP_MAX_MD_SIZE * 3];
 
   if (X509_digest(cert, method, md, &md_size)) {
     AddFingerprintDigest(md, md_size, fingerprint);