From daa1c8ef8c8a61899bf3d311f7efa11c090bfe70 Mon Sep 17 00:00:00 2001
From: Toni <matzeton@googlemail.com>
Date: Thu, 26 Nov 2020 19:46:31 +0100
Subject: Fix/overflow and libgerror check (#1068)

* Fixed stack overflow caused by missing buffer space for the trailing \0 added by sprintf()

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

* Remove the autoconf cache value from the previous and failed check before checking again.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---
 src/lib/ndpi_utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index edf7ebd07..53f8019dd 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -1139,7 +1139,7 @@ int ndpi_dpi2json(struct ndpi_detection_module_struct *ndpi_struct,
   case NDPI_PROTOCOL_BITTORRENT:
     {
       u_int i, j, n = 0;
-      char bittorent_hash[32];
+      char bittorent_hash[sizeof(flow->protos.bittorrent.hash)*2+1];
 
       for(i=0, j = 0; j < sizeof(bittorent_hash)-1; i++) {
 	sprintf(&bittorent_hash[j], "%02x",
-- 
cgit v1.2.3