From 65e47d3f448d74ed946bd43d035b831560388d21 Mon Sep 17 00:00:00 2001 From: Julian Brost Date: Thu, 7 May 2026 14:10:57 +0200 Subject: [PATCH 1/3] BinaryToHex: use length parameter instead of hard-coded SHA_DIGEST_LENGTH Forgot to replace one of the two uses of SHA_DIGEST_LENGTH with length in 6cd3a483a0414526a67f502f7615028cf8648e3d. All users use it for SHA1 so far, so there was no wrong usage yet. --- lib/base/tlsutility.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp index 9730c3b672a..7a5319ad507 100644 --- a/lib/base/tlsutility.cpp +++ b/lib/base/tlsutility.cpp @@ -1049,7 +1049,7 @@ String BinaryToHex(const unsigned char* data, size_t length) { static const char hexdigits[] = "0123456789abcdef"; String output(2*length, 0); - for (int i = 0; i < SHA_DIGEST_LENGTH; i++) { + for (int i = 0; i < length; i++) { output[2 * i] = hexdigits[data[i] >> 4]; output[2 * i + 1] = hexdigits[data[i] & 0xf]; } From b8e3db8179fe4618be699bbc72200d9ee5362bfd Mon Sep 17 00:00:00 2001 From: Julian Brost Date: Thu, 7 May 2026 14:12:45 +0200 Subject: [PATCH 2/3] BinaryToHex: use size_t for index variable int is just not the right type to use for an index variable, so change it to size_t, even if it's unlikely to be called on sufficently large inputs that it would actually make a difference. --- lib/base/tlsutility.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp index 7a5319ad507..bf8a2076345 100644 --- a/lib/base/tlsutility.cpp +++ b/lib/base/tlsutility.cpp @@ -1049,7 +1049,7 @@ String BinaryToHex(const unsigned char* data, size_t length) { static const char hexdigits[] = "0123456789abcdef"; String output(2*length, 0); - for (int i = 0; i < length; i++) { + for (size_t i = 0; i < length; i++) { output[2 * i] = hexdigits[data[i] >> 4]; output[2 * i + 1] = hexdigits[data[i] & 0xf]; } From c241546fed3b525d55e7df692a1593bb9527703c Mon Sep 17 00:00:00 2001 From: Julian Brost Date: Thu, 7 May 2026 14:13:42 +0200 Subject: [PATCH 3/3] Add test for BinaryToHex --- test/base-tlsutility.cpp | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/test/base-tlsutility.cpp b/test/base-tlsutility.cpp index ba97688c6d8..5a4b0ce2b3c 100644 --- a/test/base-tlsutility.cpp +++ b/test/base-tlsutility.cpp @@ -309,4 +309,26 @@ BOOST_FIXTURE_TEST_CASE(create_verify_leaf_certs, CertificateFixture, ASSERT_SIGNATURE_FAILURE(cacert, StringToCertificate(CertificateToString(newCert))); } +BOOST_AUTO_TEST_CASE(binary_to_hex) +{ + using namespace std::string_view_literals; + + // Helper to call with string_view and to cast from char to unsigned char. + auto f = [](std::string_view s) { + return BinaryToHex(reinterpret_cast(s.data()), s.length()); + }; + + // Hint: test data can be generated/verified with commands like this: printf ICINGA | xxd -p -c 0 + BOOST_CHECK_EQUAL(f(""sv), ""); + BOOST_CHECK_EQUAL(f("ICINGA"sv), "4943494e4741"); + BOOST_CHECK_EQUAL(f("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"sv), + "6162636465666768696a6b6c6d6e6f707172737475767778797a4142434445464748494a4b4c4d4e4f505152535455565758595a"); + BOOST_CHECK_EQUAL(f("handles\0correctly"sv), "68616e646c657300636f72726563746c79"); + BOOST_CHECK_EQUAL(f("\0\0\0\0\0"sv), "0000000000"); + + // Long string of 10000 * 'D' (= 0x44) should become 10000 * '44' = 20000 * '4': + BOOST_CHECK_EQUAL(f(std::string(10000, 0x44)), std::string(20000, '4')); + +} + BOOST_AUTO_TEST_SUITE_END()