projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5f54e57)
Fix printing of PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings
authorMatt Caswell <matt@openssl.org>
Wed, 18 Aug 2021 13:02:40 +0000 (14:02 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 24 Aug 2021 12:18:36 +0000 (13:18 +0100)
ASN.1 strings may not be NUL terminated. Don't assume they are.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
crypto/x509v3/v3_pci.c patch | blob | history

diff --git a/crypto/x509v3/v3_pci.c b/crypto/x509v3/v3_pci.c
index 3d124fa6d95d617eeebabcc7c395fd09ab0f86bc..98b6ef25e28092a1b99776b58eb4b8eaad8fc1ec 100644 (file)
--- a/crypto/x509v3/v3_pci.c
+++ b/crypto/x509v3/v3_pci.c
@@ -77,7 +77,8 @@ static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
     i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
     BIO_puts(out, "\n");
     if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
-        BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
+        BIO_printf(out, "%*sPolicy Text: %.*s\n", indent, "",
+                   pci->proxyPolicy->policy->length,
                    pci->proxyPolicy->policy->data);
     return 1;
 }
Unnamed repository; edit this file 'description' to name the repository.