diff options
author | Matt Caswell <matt@openssl.org> | 2021-08-18 17:37:41 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-08-24 14:22:06 +0100 |
commit | 1f365708a3318a5f1a395f90c38b584a58d37fb9 (patch) | |
tree | 63f8f2b9cbe96056c3f136621de4d3097bd6d049 /test/cmp_status_test.c | |
parent | 95f8c1e142df835d03b5b62521383a462fc5470d (diff) |
Fix test code to not assume NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'test/cmp_status_test.c')
-rw-r--r-- | test/cmp_status_test.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/test/cmp_status_test.c b/test/cmp_status_test.c index 6248cc9b32..09a8e69181 100644 --- a/test/cmp_status_test.c +++ b/test/cmp_status_test.c @@ -58,7 +58,8 @@ static int execute_PKISI_test(CMP_STATUS_TEST_FIXTURE *fixture) if (!TEST_ptr(statusString = sk_ASN1_UTF8STRING_value(ossl_cmp_pkisi_get0_statusString(si), 0)) - || !TEST_str_eq(fixture->text, (char *)statusString->data)) + || !TEST_mem_eq(fixture->text, strlen(fixture->text), + (char *)statusString->data, statusString->length)) goto end; if (!TEST_int_eq(fixture->pkifailure, |