diff options
author | Matt Caswell <matt@openssl.org> | 2021-08-18 17:37:23 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-08-24 14:22:06 +0100 |
commit | 95f8c1e142df835d03b5b62521383a462fc5470d (patch) | |
tree | bf447a92c125f2e73e869510356b895fc094c52c /crypto/cmp/cmp_msg.c | |
parent | d2015a783e64613d8e4a142fa05048d1863df944 (diff) |
Fix CMP code to not assume NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto/cmp/cmp_msg.c')
-rw-r--r-- | crypto/cmp/cmp_msg.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index 5fb67ae2cb..10ef4cd922 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -758,13 +758,13 @@ OSSL_CMP_MSG *ossl_cmp_error_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si, goto err; msg->body->value.error->errorDetails = ft; if (lib != NULL && *lib != '\0' - && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, lib)) + && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, lib, -1)) goto err; if (reason != NULL && *reason != '\0' - && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, reason)) + && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, reason, -1)) goto err; if (details != NULL - && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, details)) + && !ossl_cmp_sk_ASN1_UTF8STRING_push_str(ft, details, -1)) goto err; } |