diff options
author | Matt Caswell <matt@openssl.org> | 2021-08-19 12:23:38 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-08-24 14:22:06 +0100 |
commit | 7c038a6bcd98d4bbfd2c2892a87a1138d2f7c5f3 (patch) | |
tree | bab3e1f2e9675475ba49eff5f1ea6db903fabf09 /crypto/asn1 | |
parent | 98624776c4d501c8badd6f772ab7048ac9191cb9 (diff) |
Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/t_spki.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index b634808c43..3d85e08686 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -38,7 +38,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) } chal = spki->spkac->challenge; if (chal->length) - BIO_printf(out, " Challenge String: %s\n", chal->data); + BIO_printf(out, " Challenge String: %.*s\n", chal->length, chal->data); i = OBJ_obj2nid(spki->sig_algor.algorithm); BIO_printf(out, " Signature Algorithm: %s", (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i)); |