Hello! This is a very minor error that has no impact right now but is worth pointing out anyway. A friend and I spotted it while we were browsing through the code for fun.
if (snprintf(p, OTRNG_FPRINT_HUMAN_LEN, "%02X",
(unsigned int)hash[word * 4 + byte]) < 0) {
return OTRNG_ERROR;
}
p += 2;
The second parameter to snprintf is the max size to be written for each loop, which in this case should be 3 (p including the terminating null character), not OTRNG_FPRINT_HUMAN_LEN (126). As I said, it happens to work now, but if someone ever modifies the function there could be some overwrite errors, or at least a bit of headache around why tests fail before they spot the issue.
Would you like me to open a PR or what is your preference?
Hello! This is a very minor error that has no impact right now but is worth pointing out anyway. A friend and I spotted it while we were browsing through the code for fun.
In this snippet from https://github.com/otrv4/libotr-ng/blob/master/src/fingerprint.c#L41:
The second parameter to
snprintf
is the max size to be written for each loop, which in this case should be 3 (p
including the terminating null character), notOTRNG_FPRINT_HUMAN_LEN
(126). As I said, it happens to work now, but if someone ever modifies the function there could be some overwrite errors, or at least a bit of headache around why tests fail before they spot the issue.Would you like me to open a PR or what is your preference?