[gnutls-devel] GnuTLS | gnutls can't check object identifier value correctly (#886)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri Jan 3 15:07:04 CET 2020
llqll commented:
I'm not sure if this oid is valid. This leaf certificate was generated by the fuzzing tool. its content is
```
Certificate:
Data:
...
Subject: 2.1998768.0.0.14.1.14.1998848.0.0.14.99.111.109 = CN, ST = Guangdong Sheng, L = Shenzhen, O = Shenzhen Tencent Computer Systems Company Limited, OU = R&D, CN = www .qq.com
Subject Public Key Info:
...
```
The oid you detected is 2.1998768.0.0.14.1.14.1998848.0.0.14.99.111.109 . This oid may be invalid, but the problem that `asn1_get_object_id_der` function always checks the second byte instead of the leading byte of object identifier value really exists.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/886#note_266872344
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200103/58ddad76/attachment.html>
More information about the Gnutls-devel
mailing list