Patch for off-by-one in _gnutls_x509_parse_dn in lib/x509/dn.c
Simon Josefsson
simon at josefsson.org
Mon Jun 22 11:44:47 CEST 2009
Tim Kosse <tim.kosse at filezilla-project.org> writes:
> The size of the sizeof_escaped string in _gnutls_x509_parse_dn is one
> byte too short.
>
> The length passed to str_escape includes the terminating null, yet the
> size calculation for sizeof_escaped does not.
>
> The attached patch corrects this problem.
>
> To reproduce:
>
> Using GnuTLS 2.8.1
> Run gnutls-cli www.gmx.de -p 443
> It prints the following value for the 2.5.4.17 OID in the subject of
> certificate 0:
> #1405383038303
>
> It's missing one character at the end, it should have printed:
> #14053830383037
Fixed in
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=2773e82dd323c2699f6846a7691bf4fba697703f
I also added a regression check to catch future problems in this area:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=08d35c08e7186119076c118ed35ade0e32e89b58
Thanks,
/Simon
More information about the Gnutls-devel
mailing list