From f8b6768d050573aff955df3a2661340a040af345 Mon Sep 17 00:00:00 2001 From: Eric Leblond Date: Wed, 21 Oct 2015 14:50:25 +0200 Subject: [PATCH] json-email: fix coverity alert The code was not correct and coverity did detect a potential overflow problem that should not happen because of the structure of md5 string and of format. --- src/output-json-email-common.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/output-json-email-common.c b/src/output-json-email-common.c index 33264d471d..88cd3acf4b 100644 --- a/src/output-json-email-common.c +++ b/src/output-json-email-common.c @@ -140,13 +140,13 @@ static void JsonEmailLogJSONMd5(OutputJsonEmailCtx *email_ctx, json_t *js, SMTPT field = MimeDecFindField(entity, "subject"); if (field != NULL) { unsigned char md5[MD5_LENGTH]; - char smd5[2 * MD5_LENGTH + 1]; + char smd5[256]; char *value = BytesToString((uint8_t *)field->value , field->value_len); if (value) { size_t i,x; HASH_HashBuf(HASH_AlgMD5, md5, (unsigned char *)value, strlen(value)); for (i = 0, x = 0; x < sizeof(md5); x++) { - i += snprintf(smd5 + i, 255-i, "%02x", md5[x]); + i += snprintf(smd5 + i, 255 - i, "%02x", md5[x]); } json_object_set_new(js, "subject_md5", json_string(smd5)); SCFree(value);