changeset 11293:202bd0f1863d

oct_md5_result_to_str: avoid buffer overrun; replace loop with single call to sprintf
author John W. Eaton <jwe@octave.org>
date Tue, 23 Nov 2010 03:11:32 -0500
parents 231e6d1b57d6
children e2a4f3478b7c
files liboctave/ChangeLog liboctave/oct-md5.cc
diffstat 2 files changed, 11 insertions(+), 3 deletions(-) [+]
--- a/liboctave/ChangeLog	Tue Nov 23 02:33:34 2010 -0500
+++ b/liboctave/ChangeLog	Tue Nov 23 03:11:32 2010 -0500
@@ -1,3 +1,8 @@
+2010-11-23  John W. Eaton  <jwe@octave.org>
+
+	* oct-md5.cc (oct_md5_result_to_str): Avoid buffer overrun in
+	call to sprintf.  Replace loop with a single call to sprintf.
+
 2010-11-23  John W. Eaton  <jwe@octave.org>
 
 	* oct-md5.cc (oct_md5_file): Close file after reading.
--- a/liboctave/oct-md5.cc	Tue Nov 23 02:33:34 2010 -0500
+++ b/liboctave/oct-md5.cc	Tue Nov 23 03:11:32 2010 -0500
@@ -36,10 +36,13 @@
 static std::string
 oct_md5_result_to_str (const unsigned char *buf)
 {
-  char tmp [32];
+  char tmp [33];
 
-  for (octave_idx_type i = 0; i < 16; i++)
-    sprintf (&tmp[2*i], "%02x", buf[i]);
+  sprintf (tmp,
+           "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+           buf[0], buf[1], buf[2], buf[3], buf[4], buf[5], buf[6], buf[7],
+           buf[8],  buf[9], buf[10], buf[11], buf[12], buf[13], buf[14],
+           buf[15]);
 
   return std::string (tmp, 32);
 }
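Review bot: The new `sprintf (tmp, ...)` call is still unbounded, so the fix holds only while the hand-counted sixteen `%02x` conversions and the literal `33` stay in agreement. Passing the size explicitly, as in `snprintf (tmp, sizeof (tmp), "%02x...", buf[0], ...)`, would make the call itself enforce the limit if the format or the array is edited later, assuming `snprintf` is available on all targets this file builds for. The declaration would also benefit from a comment such as `// 16 digest bytes -> 32 hex digits + terminating NUL`, since the overrun being fixed came from forgetting that NUL. The function reads `buf[0]` through `buf[15]` without being able to check the length, so a short comment above it stating that `buf` must point to at least 16 bytes would document the contract callers have to meet.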