Fix insufficient buffer size in maxpasswd

The buffer used to store the hexadecimal string was one byte too short. This caused the trailing null terminator to be written into unallocated memory.
2017-08-17 19:43:07 +03:00
parent 521aff6c8f
commit e91c0fe095
1 changed files with 1 additions and 1 deletions
--- a/server/core/secrets.c
+++ b/server/core/secrets.c
@ -426,7 +426,7 @@ encrypt_password(const char* path, const char *password)
    AES_set_encrypt_key(keys->enckey, 8 * MAXSCALE_KEYLEN, &aeskey);

    AES_cbc_encrypt(padded_passwd, encrypted, padded_len, &aeskey, keys->initvector, AES_ENCRYPT);
-    hex_output = (char *) MXS_MALLOC(padded_len * 2);
+    hex_output = (char *) MXS_MALLOC(padded_len * 2 + 1);
    if (hex_output)
    {
        gw_bin2hex(hex_output, encrypted, padded_len);