projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
b2b3b9c
)
Fix printing of PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings
author
Matt Caswell
<matt@openssl.org>
Wed, 18 Aug 2021 13:02:40 +0000
(14:02 +0100)
committer
Matt Caswell
<matt@openssl.org>
Tue, 24 Aug 2021 13:22:06 +0000
(14:22 +0100)
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
crypto/x509/v3_pci.c
patch
|
blob
|
history
diff --git
a/crypto/x509/v3_pci.c
b/crypto/x509/v3_pci.c
index 7a7c91f776ee7f1b1a67f3826c1192d688e78319..a931e01a9c92f3761a4d4d43365070b6f40e0b9f 100644
(file)
--- a/
crypto/x509/v3_pci.c
+++ b/
crypto/x509/v3_pci.c
@@
-76,7
+76,8
@@
static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
BIO_printf(out, "%*sPolicy Language: ", indent, "");
i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
- BIO_printf(out, "\n%*sPolicy Text: %s", indent, "",
+ BIO_printf(out, "\n%*sPolicy Text: %.*s", indent, "",
+ pci->proxyPolicy->policy->length,
pci->proxyPolicy->policy->data);
return 1;
}