mirror of
https://github.com/openssl/openssl.git
synced 2024-12-15 06:01:37 +08:00
c5dc9ab965
The ASN1_STRING_get0_data(3) manual explitely cautions the reader that the data is not necessarily NUL-terminated, and the function X509_alias_set1(3) does not sanitize the data passed into it in any way either, so we must assume the return value from X509_alias_get0(3) is merely a byte array and not necessarily a string in the sense of the C language. I found this bug while writing manual pages for X509_print_ex(3) and related functions. Theo Buehler <tb@openbsd.org> checked my patch to fix the same bug in LibreSSL, see http://cvsweb.openbsd.org/src/lib/libcrypto/asn1/t_x509a.c#rev1.9 As an aside, note that the function still produces incomplete and misleading results when the data contains a NUL byte in the middle and that error handling is consistently absent throughout, even though the function provides an "int" return value obviously intended to be 1 for success and 0 for failure, and even though this function is called by another function that also wants to return 1 for success and 0 for failure and even does so in many of its code paths, though not in others. But let's stay focussed. Many things would be nice to have in the wide wild world, but a buffer overflow must not be allowed to remain in our backyard. CLA: trivial Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16108) |
||
|---|---|---|
| .. | ||
| build.info | ||
| by_dir.c | ||
| by_file.c | ||
| by_store.c | ||
| ext_dat.h | ||
| pcy_cache.c | ||
| pcy_data.c | ||
| pcy_lib.c | ||
| pcy_local.h | ||
| pcy_map.c | ||
| pcy_node.c | ||
| pcy_tree.c | ||
| standard_exts.h | ||
| t_crl.c | ||
| t_req.c | ||
| t_x509.c | ||
| v3_addr.c | ||
| v3_admis.c | ||
| v3_admis.h | ||
| v3_akeya.c | ||
| v3_akid.c | ||
| v3_asid.c | ||
| v3_bcons.c | ||
| v3_bitst.c | ||
| v3_conf.c | ||
| v3_cpols.c | ||
| v3_crld.c | ||
| v3_enum.c | ||
| v3_extku.c | ||
| v3_genn.c | ||
| v3_ia5.c | ||
| v3_info.c | ||
| v3_int.c | ||
| v3_ist.c | ||
| v3_lib.c | ||
| v3_ncons.c | ||
| v3_pci.c | ||
| v3_pcia.c | ||
| v3_pcons.c | ||
| v3_pku.c | ||
| v3_pmaps.c | ||
| v3_prn.c | ||
| v3_purp.c | ||
| v3_san.c | ||
| v3_skid.c | ||
| v3_sxnet.c | ||
| v3_tlsf.c | ||
| v3_utf8.c | ||
| v3_utl.c | ||
| v3err.c | ||
| x509_att.c | ||
| x509_cmp.c | ||
| x509_d2.c | ||
| x509_def.c | ||
| x509_err.c | ||
| x509_ext.c | ||
| x509_local.h | ||
| x509_lu.c | ||
| x509_meth.c | ||
| x509_obj.c | ||
| x509_r2x.c | ||
| x509_req.c | ||
| x509_set.c | ||
| x509_trust.c | ||
| x509_txt.c | ||
| x509_v3.c | ||
| x509_vfy.c | ||
| x509_vpm.c | ||
| x509cset.c | ||
| x509name.c | ||
| x509rset.c | ||
| x509spki.c | ||
| x509type.c | ||
| x_all.c | ||
| x_attrib.c | ||
| x_crl.c | ||
| x_exten.c | ||
| x_name.c | ||
| x_pubkey.c | ||
| x_req.c | ||
| x_x509.c | ||
| x_x509a.c | ||