mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix nc_email to check ASN1 strings with NULL byte in the middle

Browse Source 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16524)
This commit is contained in:
Nikita Ivanov 2021-09-07 11:31:17 +03:00 committed by Pauli
parent cc0d1b03a9
commit 485d0790ac
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/x509/v3_ncons.c
View File

@ -714,6 +714,9 @@ static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
if (baseat != baseptr) {
if ((baseat - baseptr) != (emlat - emlptr))
return X509_V_ERR_PERMITTED_VIOLATION;
if (memchr(baseptr, 0, baseat - baseptr) ||
memchr(emlptr, 0, emlat - emlptr))
return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
/* Case sensitive match of local part */
if (strncmp(baseptr, emlptr, emlat - emlptr))
return X509_V_ERR_PERMITTED_VIOLATION;