Browse Source

Fix GENERAL_NAME_print to not assume NUL terminated strings

ASN.1 strings may not be NUL terminated. Don't assume they are.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
master
Matt Caswell 2 months ago
parent
commit
b2b3b9c993
1 changed files with 10 additions and 5 deletions
  1. +10
    -5
      crypto/x509/v3_san.c

+ 10
- 5
crypto/x509/v3_san.c View File

@ -223,23 +223,28 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
switch (nid) {
case NID_id_on_SmtpUTF8Mailbox:
BIO_printf(out, "othername:SmtpUTF8Mailbox:%s",
BIO_printf(out, "othername:SmtpUTF8Mailbox:%.*s",
gen->d.otherName->value->value.utf8string->length,
gen->d.otherName->value->value.utf8string->data);
break;
case NID_XmppAddr:
BIO_printf(out, "othername:XmppAddr:%s",
BIO_printf(out, "othername:XmppAddr:%.*s",
gen->d.otherName->value->value.utf8string->length,
gen->d.otherName->value->value.utf8string->data);
break;
case NID_SRVName:
BIO_printf(out, "othername:SRVName:%s",
BIO_printf(out, "othername:SRVName:%.*s",
gen->d.otherName->value->value.ia5string->length,
gen->d.otherName->value->value.ia5string->data);
break;
case NID_ms_upn:
BIO_printf(out, "othername:UPN:%s",
BIO_printf(out, "othername:UPN:%.*s",
gen->d.otherName->value->value.utf8string->length,
gen->d.otherName->value->value.utf8string->data);
break;
case NID_NAIRealm:
BIO_printf(out, "othername:NAIRealm:%s",
BIO_printf(out, "othername:NAIRealm:%.*s",
gen->d.otherName->value->value.utf8string->length,
gen->d.otherName->value->value.utf8string->data);
break;
default:


Loading…
Cancel
Save