From: Eric Leblond <eric@regit.org>
Date: Wed, 21 Oct 2015 12:50:25 +0000 (+0200)
Subject: json-email: fix coverity alert
X-Git-Tag: suricata-3.0RC1~60
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f8b6768d050573aff955df3a2661340a040af345;p=thirdparty%2Fsuricata.git

json-email: fix coverity alert

The code was not correct and coverity did detect a potential
overflow problem that should not happen because of the structure
of md5 string and of format.
---

diff --git a/src/output-json-email-common.c b/src/output-json-email-common.c
index 33264d471d..88cd3acf4b 100644
--- a/src/output-json-email-common.c
+++ b/src/output-json-email-common.c
@@ -140,13 +140,13 @@ static void JsonEmailLogJSONMd5(OutputJsonEmailCtx *email_ctx, json_t *js, SMTPT
         field = MimeDecFindField(entity, "subject");
         if (field != NULL) {
             unsigned char md5[MD5_LENGTH];
-            char smd5[2 * MD5_LENGTH + 1];
+            char smd5[256];
             char *value = BytesToString((uint8_t *)field->value , field->value_len);
             if (value) {
                 size_t i,x;
                 HASH_HashBuf(HASH_AlgMD5, md5, (unsigned char *)value, strlen(value));
                 for (i = 0, x = 0; x < sizeof(md5); x++) {
-                    i += snprintf(smd5 + i, 255-i, "%02x", md5[x]);
+                    i += snprintf(smd5 + i, 255 - i, "%02x", md5[x]);
                 }
                 json_object_set_new(js, "subject_md5", json_string(smd5));
                 SCFree(value);