diff options
author | eionrobb <eionrobb@8ca6c67d-4297-256d-f884-781da6d5760b> | 2013-06-10 10:11:15 +0400 |
---|---|---|
committer | eionrobb <eionrobb@8ca6c67d-4297-256d-f884-781da6d5760b> | 2013-06-10 10:11:15 +0400 |
commit | cdf8f281e3eff1c71ebb218c7fbe4ff60f4dfa84 (patch) | |
tree | cd1a4659ad13eb505008a7bc137385c5f5f13c31 | |
parent | ad171807ef0ea5bb149c7dac7d42781677b946c9 (diff) |
There's some kind of buffer-overflow crash happening occasionally :( Rather than work out exactly what's going on, alloc more memory so that we don't overflow
-rw-r--r-- | steam-mobile/steam_rsa.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/steam-mobile/steam_rsa.c b/steam-mobile/steam_rsa.c index 6b6f0fd..1b313e8 100644 --- a/steam-mobile/steam_rsa.c +++ b/steam-mobile/steam_rsa.c @@ -23,16 +23,15 @@ guchar * hexstring_to_binary(const gchar *in_string) {
guint in_len = strlen(in_string);
unsigned char *output;
- const char *pos;
- guint count;
+ guint pos, count;
guint output_len;
output_len = in_len / 2;
- output = g_new0(unsigned char, output_len);
+ output = g_new0(unsigned char, output_len + 10);
- pos = in_string;
+ pos = 0;
for(count = 0; count < output_len; count++) {
- sscanf(pos, "%2hhx", &output[count]);
+ sscanf(&in_string[pos], "%2hhx", &output[count]);
pos += 2;
}
@@ -85,14 +84,14 @@ steam_encrypt_password(const gchar *modulus_str, const gchar *exponent_str, cons };
temp = hexstring_to_binary(modulus_str);
- inPubKey.m_modulus.data = (unsigned char *) PORT_Alloc(modlen);
+ inPubKey.m_modulus.data = (unsigned char *) PORT_Alloc(modlen + 10);
memcpy(inPubKey.m_modulus.data, temp, modlen);
inPubKey.m_modulus.len = modlen;
inPubKey.m_modulus.type = siUnsignedInteger;
g_free(temp);
temp = hexstring_to_binary(exponent_str);
- inPubKey.m_exponent.data = (unsigned char *) PORT_Alloc(explen);
+ inPubKey.m_exponent.data = (unsigned char *) PORT_Alloc(explen + 10);
memcpy(inPubKey.m_exponent.data, temp, explen);
inPubKey.m_exponent.len = explen;
inPubKey.m_exponent.type = siUnsignedInteger;
|