Fix overflow of sum2 buffer for sha1 rolling checksums.

Fixed #353.

3 files changed, 3 insertions, 2 deletions

diff --git a/checksum.c b/checksum.c
index c6007f36..cd741d1b 100644
--- a/checksum.c
+++ b/checksum.c
@@ -300,6 +300,7 @@ uint32 get_checksum1(char *buf1, int32 len)
 }
 #endif
 
+/* The "sum" buffer must be at least MAX_DIGEST_LEN bytes! */
 void get_checksum2(char *buf, int32 len, char *sum)
 {
 #ifdef USE_OPENSSL
diff --git a/generator.c b/generator.c
index 21c4a595..557769e6 100644
--- a/generator.c
+++ b/generator.c
@@ -783,7 +783,7 @@ static int generate_and_send_sums(int fd, OFF_T len, int f_out, int f_copy)
 	for (i = 0; i < sum.count; i++) {
 		int32 n1 = (int32)MIN(len, (OFF_T)sum.blength);
 		char *map = map_ptr(mapbuf, offset, n1);
-		char sum2[SUM_LENGTH];
+		char sum2[MAX_DIGEST_LEN];
 		uint32 sum1;
 
 		len -= n1;
diff --git a/match.c b/match.c
index 6243994c..192b154a 100644
--- a/match.c
+++ b/match.c
@@ -142,7 +142,7 @@ static void hash_search(int f,struct sum_struct *s,
 {
 	OFF_T offset, aligned_offset, end;
 	int32 k, want_i, aligned_i, backup;
-	char sum2[SUM_LENGTH];
+	char sum2[MAX_DIGEST_LEN];
 	uint32 s1, s2, sum;
 	int more;
 	schar *map;