From: Adriaan de Jong <dejong@fox-it.com>
Date: Tue, 28 Feb 2012 16:29:47 +0000 (+0100)
Subject: Fixed off-by-one in serial length calculation
X-Git-Tag: v2.3_alpha2~73
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2e2939e8b2680b287e4cce3af84357684e5e5093;p=thirdparty%2Fopenvpn.git

Fixed off-by-one in serial length calculation

The serial length was one digit too short, resulting in missing digits
at the end of the certificate's stringified serial number.

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>
---

diff --git a/src/openvpn/ssl_verify_polarssl.c b/src/openvpn/ssl_verify_polarssl.c
index 53e6006e1..85c44dd11 100644
--- a/src/openvpn/ssl_verify_polarssl.c
+++ b/src/openvpn/ssl_verify_polarssl.c
@@ -127,7 +127,7 @@ x509_get_serial (x509_cert *cert)
   int ret = 0;
   int i = 0;
   char *buf = NULL;
-  size_t len = cert->serial.len * 3;
+  size_t len = cert->serial.len * 3 + 1;
 
   buf = malloc(len);
   ASSERT(buf);