Fingerprint string created from non-zero-terminated string
wodny opened this issue · comments
Fingerprint string at the Python side contains random bytes.
Patch below.
From 5700e11605f800cd7b257c8d7903178a260fe2c2 Mon Sep 17 00:00:00 2001
From: Marcin Szewczyk <marcin.szewczyk@wodny.org>
Date: Tue, 28 Jun 2011 22:16:47 +0200
Subject: [PATCH 2/2] Truncate hash to an appropriate length.
---
src/session.c | 20 +++++++++++++++++++-
1 files changed, 19 insertions(+), 1 deletions(-)
diff --git a/src/session.c b/src/session.c
index 81913b5..ccb6977 100644
--- a/src/session.c
+++ b/src/session.c
@@ -205,6 +205,8 @@ PYLIBSSH2_Session_hostkey_hash(PYLIBSSH2_SESSION *self, PyObject *args)
{
int hashtype = LIBSSH2_HOSTKEY_HASH_MD5;
const char *hash;
+ char buff[20+1];
+ size_t len;
if (!PyArg_ParseTuple(args, "|i:hostkey_hash", &hashtype)) {
return NULL;
@@ -219,7 +221,21 @@ PYLIBSSH2_Session_hostkey_hash(PYLIBSSH2_SESSION *self, PyObject *args)
return Py_None;
}
- return PyString_FromString(hash);
+ switch(hashtype) {
+ case LIBSSH2_HOSTKEY_HASH_MD5:
+ len = 16;
+ break;
+ case LIBSSH2_HOSTKEY_HASH_SHA1:
+ len = 20;
+ break;
+ default:
+ len = 0;
+ }
+
+ memcpy(buff, hash, len);
+ buff[len] = '\0';
+
+ return PyString_FromString(buff);
}
/* }}} */
@@ -915,3 +931,5 @@ init_libssh2_Session(PyObject *dict)
return 1;
}
+
+/* vim: set sw=4: */
--
1.7.5.4
Fixed in commit b7dac38, thanks !