diff options
author | Matt Caswell <matt@openssl.org> | 2021-08-19 12:23:38 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-08-24 13:18:55 +0100 |
commit | 2d0e5d4a4a5d4332325b5e5cea492fad2be633e1 (patch) | |
tree | b9424218223531466394da31d35fae808ec40fa3 /crypto/asn1 | |
parent | bb4d2ed4091408404e18b3326e3df67848ef63d0 (diff) |
Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/t_spki.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index 51b56d0aa9..64ee77eeec 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -38,7 +38,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) } chal = spki->spkac->challenge; if (chal->length) - BIO_printf(out, " Challenge String: %s\n", chal->data); + BIO_printf(out, " Challenge String: %.*s\n", chal->length, chal->data); i = OBJ_obj2nid(spki->sig_algor.algorithm); BIO_printf(out, " Signature Algorithm: %s", (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i)); |