[gnutls-help] Can a malicious/malformed DNS name pass gnutls_certificate_verify_peers function?
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Fri Mar 30 07:19:06 CEST 2018
The verify function only verifies the certificate signature. Any checks on data would be done by the get function.
On March 26, 2018 2:06:25 PM UTC, Thomas Deutschmann <whissi at gentoo.org> wrote:
>Hi,
>
>I am currently auditing a program which was, while looking for a valid
>peer name, looping through alternative names list like:
>
>> char szAltName[1024];
>> int iAltName;
>> char allNames[32*1024];
>> int iAllNames;
>> size_t szAltNameLen;
>>
>> [...]
>>
>> while(!bFoundName) {
>>     szAltNameLen = sizeof(szAltName);
>>     gnuRet = gnutls_x509_crt_get_subject_alt_name(cert, iAltName,
>>                                                   szAltName, &szAltNameLen, NULL);
>>     if(gnuRet < 0)
>>         break;
>>     else if(gnuRet == GNUTLS_SAN_DNSNAME) {
>>         iAllNames += snprintf(allNames+iAllNames, sizeof(allNames)-iAllNames,
>>                               "DNSname: %s; ", szAltName);
>>         myCustomPeerNameValidator(szAltName, &bFoundName);
>>     }
>>     ++iAltName;
>> }
>>
>> [...]
>
>Like you probably already noticed, "snprintf" usage is invalid and can be
>exploited using a crafted certificate with a lot of large SANs.
>
>However, I am wondering if an attack would be very limited because before
>this code runs, the program calls "gnutls_certificate_verify_peers2"
>function on that certificate. I.e. does GnuTLS guarantee at this stage
>that any certificate validated using this function only contains
>valid dnsNames (i.e. IA5String values) or not?
>
>Thanks.
--
Sent from my mobile. Please excuse my brevity.
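An added example (not from this thread or from GnuTLS) that isolates the snprintf defect discussed above: the quoted loop advances iAllNames by snprintf's return value, which is the length the whole string would have needed, so after enough large SANs the offset passes the end of allNames and sizeof(allNames)-iAllNames wraps. The 64-byte capacity, the SAN strings and the function names are constructed for the demonstration; the hardened append beside it advances only by bytes actually stored and stops at the first name that does not fit.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
/* Constructed stand-ins for the quoted program's buffer and its SAN list; the
 * capacity is tiny on purpose so the effect shows within three names. */
#define ALL_NAMES_CAP 64
static const char *SAMPLE_SANS[] = {
    "www.example.test",
    "mail.example.test",
    "a-deliberately-long-san-to-overflow-the-small-buffer.example.test",
};

/* Models the quoted loop's bookkeeping without touching memory: iAllNames grows
 * by what snprintf *returns* (the length the whole string needed), not by what
 * was stored; snprintf(NULL, 0, ...) yields exactly that number. */
struct acct { size_t offset; size_t next_size_arg; };
static struct acct vulnerable_accounting(const char **names, size_t n) {
    int iAllNames = 0;
    for (size_t i = 0; i < n; i++)
        iAllNames += snprintf(NULL, 0, "DNSname: %s; ", names[i]);
    struct acct a;
    a.offset = (size_t)iAllNames;   /* allNames+iAllNames now points past the end */
    /* sizeof(allNames)-iAllNames is size_t arithmetic: once the offset exceeds
     * the capacity it wraps to a huge value, so the next write is unbounded. */
    a.next_size_arg = (size_t)ALL_NAMES_CAP - (size_t)iAllNames;
    return a;
}

/* Hardened form: advance only by bytes actually stored and refuse, rolling
 * back, as soon as a name does not fit; the caller treats false as a failure. */
static bool append_san_safe(char *buf, size_t cap, size_t *used, const char *name) {
    if (*used >= cap) return false;
    int n = snprintf(buf + *used, cap - *used, "DNSname: %s; ", name);
    if (n < 0 || (size_t)n >= cap - *used) {
        buf[*used] = '\0';          /* drop the truncated partial entry */
        return false;
    }
    *used += (size_t)n;
    return true;
}

/* Returns how many names were stored before the buffer filled up. */
static size_t collect_sans_safe(char *buf, size_t cap, size_t *used,
                                const char **names, size_t n) {
    size_t stored = 0;
    while (stored < n && append_san_safe(buf, cap, used, names[stored]))
        stored++;
    return stored;
}
```

With the three sample names the vulnerable bookkeeping reaches offset 131 in a 64-byte buffer and hands the next snprintf a wrapped size, while the hardened loop stores two names and stops.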