aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ui/vnc-ws.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/ui/vnc-ws.c b/ui/vnc-ws.c
index 9ccdc1971c..3e3020916c 100644
--- a/ui/vnc-ws.c
+++ b/ui/vnc-ws.c
@@ -120,10 +120,11 @@ static char *vncws_extract_handshake_entry(const char *handshake,
static void vncws_send_handshake_response(VncState *vs, const char* key)
{
char combined_key[WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1];
- char hash[SHA1_DIGEST_LEN];
- size_t hash_size = SHA1_DIGEST_LEN;
+ unsigned char hash[SHA1_DIGEST_LEN];
+ size_t hash_size = sizeof(hash);
char *accept = NULL, *response = NULL;
gnutls_datum_t in;
+ int ret;
g_strlcpy(combined_key, key, WS_CLIENT_KEY_LEN + 1);
g_strlcat(combined_key, WS_GUID, WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1);
@@ -131,9 +132,9 @@ static void vncws_send_handshake_response(VncState *vs, const char* key)
/* hash and encode it */
in.data = (void *)combined_key;
in.size = WS_CLIENT_KEY_LEN + WS_GUID_LEN;
- if (gnutls_fingerprint(GNUTLS_DIG_SHA1, &in, hash, &hash_size)
- == GNUTLS_E_SUCCESS) {
- accept = g_base64_encode((guchar *)hash, SHA1_DIGEST_LEN);
+ ret = gnutls_fingerprint(GNUTLS_DIG_SHA1, &in, hash, &hash_size);
+ if (ret == GNUTLS_E_SUCCESS && hash_size <= SHA1_DIGEST_LEN) {
+ accept = g_base64_encode(hash, hash_size);
}
if (accept == NULL) {
VNC_DEBUG("Hashing Websocket combined key failed\n");