From 2a2229a49b0234845c627da8843b86cd57642c7d Mon Sep 17 00:00:00 2001 From: Julian Brost Date: Wed, 10 Mar 2021 14:41:06 +0100 Subject: [PATCH] Don't use sprintf for SHA1 to hex conversion --- lib/base/tlsutility.cpp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp index ac29fbc26..264a0872f 100644 --- a/lib/base/tlsutility.cpp +++ b/lib/base/tlsutility.cpp @@ -762,9 +762,13 @@ String SHA1(const String& s, bool binary) if (binary) return String(reinterpret_cast(digest), reinterpret_cast(digest + SHA_DIGEST_LENGTH)); + static const char hexdigits[] = "0123456789abcdef"; char output[SHA_DIGEST_LENGTH*2+1]; - for (int i = 0; i < 20; i++) - sprintf(output + 2 * i, "%02x", digest[i]); + for (int i = 0; i < SHA_DIGEST_LENGTH; i++) { + output[2*i] = hexdigits[digest[i] >> 4]; + output[2*i + 1] = hexdigits[digest[i] & 0xf]; + } + output[2*SHA_DIGEST_LENGTH] = 0; return output; }