From: Fredrik Thulin <fredrik@yubico.com>
Date: Wed, 13 Apr 2011 11:24:56 +0000 (+0200)
Subject: Fix incorrect length used with 'yubikey_hex_decode'.
X-Git-Tag: v1.5.2~10
X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=46d140541fbb70e848d22dc9f3edce9bfdb0c0e1;p=yubikey-personalization

Fix incorrect length used with 'yubikey_hex_decode'.

Resulted in coredump for challenges of 128 chars (64 bytes).
---

diff --git a/ykchalresp.c b/ykchalresp.c
index b76543c..2fabfbb 100644
--- a/ykchalresp.c
+++ b/ykchalresp.c
@@ -121,12 +121,12 @@ int parse_args(int argc, char **argv,
 	}
 
 	if (hex_encoded) {
-		static unsigned char decoded[64];
+		static unsigned char decoded[SHA1_MAX_BLOCK_SIZE];
 		int decoded_len;
 
 		int strl = strlen(argv[optind]);
 
-		if (strl >= sizeof(decoded) * 2) {
+		if (strl > sizeof(decoded) * 2) {
 			fprintf(stderr, "Hex-encoded challenge too long (max %i chars)\n",
 				sizeof(decoded) * 2);
 			return 0;
@@ -140,7 +140,7 @@ int parse_args(int argc, char **argv,
 		memset(decoded, 0, sizeof(decoded));
 
 		if (yubikey_hex_p(argv[optind])) {
-			yubikey_hex_decode((char *)decoded, argv[optind], strl);
+			yubikey_hex_decode((char *)decoded, argv[optind], sizeof(decoded));
 		} else {
 			fprintf(stderr, "Bad hex-encoded string '%s'\n", argv[optind]);
 			return 0;
@@ -188,7 +188,7 @@ int challenge_response(YK_KEY *yk, int slot,
 		       bool hmac, bool may_block, bool verbose)
 {
 	unsigned char response[64];
-	unsigned char output_buf[sizeof(response) * 2];
+	unsigned char output_buf[(SHA1_MAX_BLOCK_SIZE * 2) + 1];
 	int yk_cmd;
 	unsigned int flags = 0;
 	unsigned int response_len = 0;