commit 6432c7e78257c85637e8c41d4008ba18ddccca0d
author Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Mon Aug 31 11:30:07 2015 +0200
committer Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Mon Aug 31 11:30:07 2015 +0200
tree fa5c32bd9f582807bc0f91e0972fed57d1f93cf7
parent e217ceea38725a861870ed67a1ddf6aefd4eb813

Fix memory corruption in rsa sign/verify programs

backport from d74c697

see #210

programs/pkey/rsa_sign.c

diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c
index d9a9a6e..63ef822 100644
--- a/programs/pkey/rsa_sign.c
+++ b/programs/pkey/rsa_sign.c
@@ -60,6 +60,7 @@
     rsa_context rsa;
     unsigned char hash[20];
     unsigned char buf[POLARSSL_MPI_MAX_SIZE];
+    char filename[512];
 
     ret = 1;
 
@@ -133,14 +134,14 @@
     }
 
     /*
-     * Write the signature into <filename>-sig.txt
+     * Write the signature into <filename>.sig
      */
-    memcpy( argv[1] + strlen( argv[1] ), ".sig", 5 );
+    snprintf( filename, sizeof( filename ), "%s.sig", argv[1] );
 
-    if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
+    if( ( f = fopen( filename, "wb+" ) ) == NULL )
     {
         ret = 1;
-        polarssl_printf( " failed\n  ! Could not create %s\n\n", argv[1] );
+        polarssl_printf( " failed\n  ! Could not create %s\n\n", filename );
         goto exit;
     }
 
@@ -150,7 +151,7 @@
 
     fclose( f );
 
-    polarssl_printf( "\n  . Done (created \"%s\")\n\n", argv[1] );
+    polarssl_printf( "\n  . Done (created \"%s\")\n\n", filename );
 
 exit: