[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Patch for off-by-one in _gnutls_x509_parse_dn in lib/x509/dn.c
From: |
Simon Josefsson |
Subject: |
Re: Patch for off-by-one in _gnutls_x509_parse_dn in lib/x509/dn.c |
Date: |
Mon, 22 Jun 2009 11:44:47 +0200 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux) |
Tim Kosse <address@hidden> writes:
> The size of the sizeof_escaped string in _gnutls_x509_parse_dn is one
> byte too short.
>
> The length passed to str_escape includes the terminating null, yet the
> size calculation for sizeof_escaped does not.
>
> The attached patch corrects this problem.
>
> To reproduce:
>
> Using GnuTLS 2.8.1
> Run gnutls-cli www.gmx.de -p 443
> It prints the following value for the 2.5.4.17 OID in the subject of
> certificate 0:
> #1405383038303
>
> It's missing one character at the end, it should have printed:
> #14053830383037
Fixed in
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=2773e82dd323c2699f6846a7691bf4fba697703f
I also added a regression check to catch future problems in this area:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=08d35c08e7186119076c118ed35ade0e32e89b58
Thanks,
/Simon