projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Prevent possible buffer overflows when using very large (>= 8192 bit) RSA keys.
[tinc] / src / protocol_key.c
diff --git a/src/protocol_key.c b/src/protocol_key.c
index a56ff91..e393dd6 100644 (file)
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -142,10 +142,11 @@ bool req_key_h(connection_t *c)
 
 bool send_ans_key(connection_t *c, const node_t *from, const node_t *to)
 {
-       char key[MAX_STRING_SIZE];
+       char *key;
 
        cp();
 
+       key = alloca(2 * from->keylength + 1);
        bin2hex(from->key, key, from->keylength);
        key[from->keylength * 2] = '\0';
 
tinc, the VPN daemon