Fix CMP code to not assume NUL terminated strings

ASN.1 strings may not be NUL terminated. Don't assume they are. CVE-2021-3712 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David Benjamin <davidben@google.com>
author: Matt Caswell <matt@openssl.org> 2021-08-18 17:37:23 +0100
committer: Matt Caswell <matt@openssl.org> 2021-08-24 14:22:06 +0100
commit: 95f8c1e142df835d03b5b62521383a462fc5470d (patch)
tree: bf447a92c125f2e73e869510356b895fc094c52c /crypto/cmp/cmp_msg.c
parent: d2015a783e64613d8e4a142fa05048d1863df944 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index 5fb67ae2cb..10ef4cd922 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -758,13 +758,13 @@ OSSL_CMP_MSG *ossl_cmp_error_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si,
             goto err;
         msg->body->value.error->errorDetails = ft;
         if (lib != NULL && *lib != '\0'
-                && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, lib))
+                && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, lib, -1))
             goto err;
         if (reason != NULL && *reason != '\0'
-                && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, reason))
+                && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, reason, -1))
             goto err;
         if (details != NULL
-                && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, details))
+                && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, details, -1))
             goto err;
     }
author	Matt Caswell <matt@openssl.org>	2021-08-18 17:37:23 +0100
committer	Matt Caswell <matt@openssl.org>	2021-08-24 14:22:06 +0100
commit	95f8c1e142df835d03b5b62521383a462fc5470d (patch)
tree	bf447a92c125f2e73e869510356b895fc094c52c /crypto/cmp/cmp_msg.c
parent	d2015a783e64613d8e4a142fa05048d1863df944 (diff)