Patch for off-by-one in _gnutls_x509_parse_dn in lib/x509/dn.c

Tim Kosse tim.kosse at filezilla-project.org
Sat Jun 20 00:13:03 CEST 2009


The size of the sizeof_escaped string in _gnutls_x509_parse_dn is one
byte too short.

The length passed to str_escape includes the terminating null, yet the
size calculation for sizeof_escaped does not.

The attached patch corrects this problem.

To reproduce:

Using GnuTLS 2.8.1
Run gnutls-cli www.gmx.de -p 443
It prints the following value for the 2.5.4.17 OID in the subject of
certificate 0:
#1405383038303

It's missing one character at the end, it should have printed:
#14053830383037

Regards,
Tim Kosse
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: gnutls_dn.patch
URL: </pipermail/attachments/20090620/f8c3591d/attachment.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090620/f8c3591d/attachment.pgp>


More information about the Gnutls-devel mailing list