Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings

ASN.1 strings may not be NUL terminated. Don't assume they are. CVE-2021-3712 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
author: Matt Caswell <matt@openssl.org> 2021-08-19 12:23:38 +0100
committer: Matt Caswell <matt@openssl.org> 2021-08-24 13:18:55 +0100
commit: 2d0e5d4a4a5d4332325b5e5cea492fad2be633e1 (patch)
tree: b9424218223531466394da31d35fae808ec40fa3 /crypto/asn1
parent: bb4d2ed4091408404e18b3326e3df67848ef63d0 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c
index 51b56d0aa9..64ee77eeec 100644
--- a/crypto/asn1/t_spki.c
+++ b/crypto/asn1/t_spki.c
@@ -38,7 +38,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
     }
     chal = spki->spkac->challenge;
     if (chal->length)
-        BIO_printf(out, "  Challenge String: %s\n", chal->data);
+        BIO_printf(out, "  Challenge String: %.*s\n", chal->length, chal->data);
     i = OBJ_obj2nid(spki->sig_algor.algorithm);
     BIO_printf(out, "  Signature Algorithm: %s",
                (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
author	Matt Caswell <matt@openssl.org>	2021-08-19 12:23:38 +0100
committer	Matt Caswell <matt@openssl.org>	2021-08-24 13:18:55 +0100
commit	2d0e5d4a4a5d4332325b5e5cea492fad2be633e1 (patch)
tree	b9424218223531466394da31d35fae808ec40fa3 /crypto/asn1
parent	bb4d2ed4091408404e18b3326e3df67848ef63d0 (diff)