diff options
author | Matt Caswell <matt@openssl.org> | 2021-08-18 17:37:41 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-08-24 13:18:46 +0100 |
commit | 4de66925203ca99189c842136ec4a623137ea447 (patch) | |
tree | a1bbcb98279d8a385fa96e334d22e502ad2c29f6 /test | |
parent | 8393de42498f8be75cf0353f5c9f906a43a748d2 (diff) |
Fix test code to not assume NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Diffstat (limited to 'test')
-rw-r--r-- | test/x509_time_test.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/test/x509_time_test.c b/test/x509_time_test.c index b6fd38a5c5..d0993d9c04 100644 --- a/test/x509_time_test.c +++ b/test/x509_time_test.c @@ -330,10 +330,12 @@ static int test_x509_time(int idx) /* if t is not NULL but expected_string is NULL, it is an 'OK' case too */ if (t != NULL && x509_format_tests[idx].expected_string) { - if (!TEST_str_eq((const char *)t->data, - x509_format_tests[idx].expected_string)) { - TEST_info("test_x509_time(%d) failed: expected_string %s, got %s\n", - idx, x509_format_tests[idx].expected_string, t->data); + if (!TEST_mem_eq((const char *)t->data, t->length, + x509_format_tests[idx].expected_string, + strlen(x509_format_tests[idx].expected_string))) { + TEST_info("test_x509_time(%d) failed: expected_string %s, got %.*s\n", + idx, x509_format_tests[idx].expected_string, t->length, + t->data); goto out; } } |