Fix i2v_GENERAL_NAME to not assume NUL terminated strings

ASN.1 strings may not be NUL terminated. Don't assume they are. CVE-2021-3712 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
author: Matt Caswell <matt@openssl.org> 2021-08-18 12:24:22 +0100
committer: Matt Caswell <matt@openssl.org> 2021-08-24 13:18:19 +0100
commit: 174ba8048a7f2f5e1fca31cfb93b1730d9db8300 (patch)
tree: 00d27afe9bf28f1259ebdadd79e6002a5fbdd8c5 /include
parent: 4f850d7221ef6d9010053434d8ae43da13ad8fde (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index b53c2b03c3..7ffb8abfe7 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -8,6 +8,8 @@
  */
 
 #include "internal/refcount.h"
+#include <openssl/x509.h>
+#include <openssl/conf.h>
 
 /* Internal X509 structures and functions: not for application use */
 
@@ -284,3 +286,6 @@ int a2i_ipadd(unsigned char *ipout, const char *ipasc);
 int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);
 
 void x509_init_sig_info(X509 *x);
+
+int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
+                               size_t vallen, STACK_OF(CONF_VALUE) **extlist);
author	Matt Caswell <matt@openssl.org>	2021-08-18 12:24:22 +0100
committer	Matt Caswell <matt@openssl.org>	2021-08-24 13:18:19 +0100
commit	174ba8048a7f2f5e1fca31cfb93b1730d9db8300 (patch)
tree	00d27afe9bf28f1259ebdadd79e6002a5fbdd8c5 /include
parent	4f850d7221ef6d9010053434d8ae43da13ad8fde (diff)