From db4443c0686e4220ee86e624f69040c54170b6a1 Mon Sep 17 00:00:00 2001
From: Toni Uhlig <matzeton@googlemail.com>
Date: Tue, 24 Nov 2020 01:21:52 +0100
Subject: Fixed stack overflow caused by missing buffer space for the trailing
 \0 added by sprintf()

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---
 src/lib/ndpi_utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index edf7ebd07..cb68cc849 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -1139,7 +1139,7 @@ int ndpi_dpi2json(struct ndpi_detection_module_struct *ndpi_struct,
   case NDPI_PROTOCOL_BITTORRENT:
     {
       u_int i, j, n = 0;
-      char bittorent_hash[32];
+      char bittorent_hash[32+1];
 
       for(i=0, j = 0; j < sizeof(bittorent_hash)-1; i++) {
 	sprintf(&bittorent_hash[j], "%02x",
-- 
cgit v1.2.3