Hi It seems the pretty printed key is zero terminated only if the size of hex stays the same or increases between calls. This diff fixes it, so it is always properly terminated. While here, also drop *hex != '\0' from the if inside the loop, as it is checked directly above in the loop condition and constify the argument, as it is not modified.
Best, Martin Index: print.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/print.c,v retrieving revision 1.5 diff -u -p -r1.5 print.c --- print.c 10 Feb 2022 17:33:28 -0000 1.5 +++ print.c 17 Mar 2022 17:46:01 -0000 @@ -28,19 +28,21 @@ #include "extern.h" static const char * -pretty_key_id(char *hex) +pretty_key_id(const char *hex) { static char buf[128]; /* bigger than SHA_DIGEST_LENGTH * 3 */ size_t i; for (i = 0; i < sizeof(buf) && *hex != '\0'; i++) { - if (i % 3 == 2 && *hex != '\0') + if (i % 3 == 2) buf[i] = ':'; else buf[i] = *hex++; } if (i == sizeof(buf)) memcpy(buf + sizeof(buf) - 4, "...", 4); + else + buf[i] = '\0'; return buf; }