[gnutls-help] Can a malicious/malformed DNS name pass gnutls_certificate_verify_peers function?

Thomas Deutschmann whissi at gentoo.org
Mon Mar 26 16:06:25 CEST 2018


Hi,

I am currently auditing a program which was, while looking for a valid
peer name, looping through the alternative names list like this:

> char szAltName[1024];
> int iAltName;
> char allNames[32*1024];
> int iAllNames;
> size_t szAltNameLen;
> 
> [...]
> 
> while(!bFoundName) {
> 	szAltNameLen = sizeof(szAltName);
> 	gnuRet = gnutls_x509_crt_get_subject_alt_name(cert, iAltName,
> 			szAltName, &szAltNameLen, NULL);
> 	if(gnuRet < 0)
> 		break;
> 	else if(gnuRet == GNUTLS_SAN_DNSNAME) {
> 		iAllNames += snprintf(allNames+iAllNames, sizeof(allNames)-iAllNames,
> 			"DNSname: %s; ", szAltName);
> 		myCustomPeerNameValidator(szAltName, &bFoundName);
> 	}
> 	++iAltName;
> }
> 
> [...]

As you probably already noticed, the "snprintf" usage is invalid and can be
exploited using a crafted certificate with a lot of large SANs.

However, I am wondering if an attack would be very limited, because before
this code runs the program calls the "gnutls_certificate_verify_peers2"
function on that certificate. I.e. does GnuTLS guarantee at this stage
that any certificate validated using this function only contains
valid dnsNames (i.e. IA5String values), or not?

Thanks.


-- 
Regards,
Thomas Deutschmann / Gentoo Linux Developer
C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5
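The defect in the quoted loop is the bookkeeping around snprintf: the call returns the length the full string would have had, not the number of bytes actually written, so once a long SAN is truncated `iAllNames` runs past the end of `allNames`, and on the next iteration `sizeof(allNames)-iAllNames` wraps to a huge `size_t`, which removes the bound from the following write. The C below is an added example (not code from the original message or from GnuTLS) that reproduces that arithmetic with a constructed list of names and a deliberately small 64-byte buffer, without performing the out-of-bounds write itself, and places a bounded append routine next to it. The `LOG_SIZE`, `append_dnsname` and `collect_dnsnames` names and the sample names are assumptions of the example; no GnuTLS calls are involved.

```c
#include <stdio.h>
#include <string.h>

#define LOG_SIZE 64   /* assumption: kept small so the wrap is easy to reach */

/* Mirrors the index bookkeeping of the quoted loop without writing anything:
 * snprintf(NULL, 0, ...) returns the length the full string would have, which
 * is exactly what the quoted code adds to iAllNames even after a truncated
 * write. Returns the size argument the *next* snprintf call would receive. */
size_t vulnerable_next_size_arg(const char *const *names, size_t n, size_t bufsz)
{
    size_t used = 0;
    for (size_t i = 0; i < n; i++) {
        int len = snprintf(NULL, 0, "DNSname: %s; ", names[i]);
        if (len > 0)
            used += (size_t)len;
    }
    /* Once used > bufsz this subtraction wraps to a value near SIZE_MAX, so
     * the following snprintf would be told the buffer is practically unbounded. */
    return bufsz - used;
}

/* Hardened append: bounds the write by the space actually left and treats a
 * return value >= room as "did not fit" instead of advancing past the buffer.
 * Returns 1 if the name was recorded, 0 otherwise. */
int append_dnsname(char *buf, size_t bufsz, size_t *used, const char *name)
{
    if (*used >= bufsz)
        return 0;
    size_t room = bufsz - *used;
    int len = snprintf(buf + *used, room, "DNSname: %s; ", name);
    if (len < 0 || (size_t)len >= room) {
        buf[*used] = '\0';   /* undo the truncated partial write */
        return 0;
    }
    *used += (size_t)len;
    return 1;
}

/* Records as many names as fit; returns how many were kept. */
size_t collect_dnsnames(char *buf, size_t bufsz, const char *const *names, size_t n)
{
    size_t used = 0, kept = 0;
    if (bufsz == 0)
        return 0;
    buf[0] = '\0';
    for (size_t i = 0; i < n; i++)
        kept += (size_t)append_dnsname(buf, bufsz, &used, names[i]);
    return kept;
}

/* Constructed sample: two ordinary names around one oversized SAN value. */
static char g_long_name[301];
static const char *g_names[3];

const char *const *sample_names(size_t *n)
{
    memset(g_long_name, 'a', sizeof(g_long_name) - 1);
    g_long_name[sizeof(g_long_name) - 1] = '\0';
    g_names[0] = "example.test";
    g_names[1] = g_long_name;
    g_names[2] = "mail.example.test";
    *n = 3;
    return g_names;
}

/* Wrappers over the constructed sample so the results can be checked directly. */
size_t demo_vulnerable_next_size_arg(void)
{
    size_t n;
    const char *const *names = sample_names(&n);
    return vulnerable_next_size_arg(names, n, LOG_SIZE);
}

size_t demo_collect_count(void)
{
    char log[LOG_SIZE];
    size_t n;
    const char *const *names = sample_names(&n);
    return collect_dnsnames(log, sizeof(log), names, n);
}

int demo_collect_text_is(const char *expected)
{
    char log[LOG_SIZE];
    size_t n;
    const char *const *names = sample_names(&n);
    collect_dnsnames(log, sizeof(log), names, n);
    return strcmp(log, expected) == 0;
}

int main(void)
{
    printf("quoted loop would pass size %zu to snprintf (buffer is %d bytes)\n",
           demo_vulnerable_next_size_arg(), LOG_SIZE);
    printf("hardened loop kept %zu names\n", demo_collect_count());
    return 0;
}
```

With the sample list the quoted pattern reaches an index of 362 after three names and hands the next snprintf a size near `SIZE_MAX`; the bounded version records the two names that fit (51 bytes) and rejects the oversized one, leaving the buffer NUL-terminated at every step. Whether the certificate has already passed `gnutls_certificate_verify_peers2` does not change this arithmetic, so the bound has to be enforced in the caller.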


