gnutls-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch for off-by-one in _gnutls_x509_parse_dn in lib/x509/dn.c


From: Simon Josefsson
Subject: Re: Patch for off-by-one in _gnutls_x509_parse_dn in lib/x509/dn.c
Date: Mon, 22 Jun 2009 11:44:47 +0200
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux)

Tim Kosse <address@hidden> writes:

> The size of the sizeof_escaped string in _gnutls_x509_parse_dn is one
> byte too short.
>
> The length passed to str_escape includes the terminating null, yet the
> size calculation for sizeof_escaped does not.
>
> The attached patch corrects this problem.
>
> To reproduce:
>
> Using GnuTLS 2.8.1
> Run gnutls-cli www.gmx.de -p 443
> It prints the following value for the 2.5.4.17 OID in the subject of
> certificate 0:
> #1405383038303
>
> It's missing one character at the end, it should have printed:
> #14053830383037

Fixed in

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=2773e82dd323c2699f6846a7691bf4fba697703f

I also added a regression check to catch future problems in this area:

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=08d35c08e7186119076c118ed35ade0e32e89b58

Thanks,
/Simon




reply via email to

[Prev in Thread] Current Thread [Next in Thread]