From 5a0177def02d3810bc2745aa41d084ac5bdab1cd Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Wed, 2 Oct 2019 16:35:13 +0200
Subject: packet_crypt: Avoid out of bounds access in debug functions

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
---
 src/packet_crypt.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/packet_crypt.c b/src/packet_crypt.c
index e31ab432..727e4d4d 100644
--- a/src/packet_crypt.c
+++ b/src/packet_crypt.c
@@ -196,9 +196,9 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len)
           hmac_final(ctx, crypto->hmacbuf, &finallen);
       }
 #ifdef DEBUG_CRYPTO
-      ssh_log_hexdump("mac: ",data,hmac_digest_len(type));
+      ssh_log_hexdump("mac: ", data, len);
       if (finallen != hmac_digest_len(type)) {
-        printf("Final len is %d\n",finallen);
+          printf("Final len is %d\n", finallen);
       }
       ssh_log_hexdump("Packet hmac", crypto->hmacbuf, hmac_digest_len(type));
 #endif
-- 
cgit v1.2.3