From 158fe9b69895cccbf5e37eaf19361d2f19fa352d Mon Sep 17 00:00:00 2001
From: Stefan Junker <1181362+steveej@users.noreply.github.com>
Date: Sat, 4 May 2024 18:26:35 +0200
Subject: [PATCH] Fix buffer overflow in generate_enc_password with increase rsalt by 2 (#1463)

before this change i see a bufferflow during `readable_string`.
---
 src/client/ns_turn_msg.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/client/ns_turn_msg.c b/src/client/ns_turn_msg.c
index 4d070e25..56a6f6a5 100644
--- a/src/client/ns_turn_msg.c
+++ b/src/client/ns_turn_msg.c
@@ -292,8 +292,9 @@ static void readable_string(unsigned char *orig, unsigned char *out, size_t sz)
 out[0] = 0;
 for (i = 0; i < sz; ++i) {
- snprintf((char *)(out + (i * 2)), 4, "%02x", (unsigned int)orig[i]);
+ snprintf((char *)(out + (i * 2)), 3, "%02x", (unsigned int)orig[i]);
 }
+ out[sz * 2] = 0;
 }
 static void generate_enc_password(const char *pwd, char *result, const unsigned char *orig_salt) {
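Review bot: readable_string still has no way to check the capacity of `out`, so the new `out[sz * 2] = 0;` and the 3-byte snprintf bound are only safe if every caller passes a buffer of at least `sz * 2 + 1` bytes. The subject mentions increasing `rsalt` by 2, but no such change is visible in this patch (the diffstat lists only these three lines), so the caller's buffer size in generate_enc_password cannot be confirmed from here and should be checked. At minimum, document the contract above the function, e.g. `/* out must hold sz * 2 + 1 bytes: two hex digits per input byte plus the terminating NUL */`, or pass the capacity of `out` in and return early when it is too small. Each snprintf call already writes a NUL at `out[i * 2 + 2]`, so the added terminator appears redundant for `sz > 0` and duplicates `out[0] = 0` for `sz == 0`; it is harmless, but it is not what bounds the write. The function's opening lines lie outside the hunk.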