authorNikos Mavrogiannopoulos <nmav@gnutls.org>2014-05-22 20:43:24 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2014-05-22 20:43:28 +0200
commit6003cb7e45921cc8ba2b6424f2b3132785e3b8b9 (patch)
treed51339582f35ec3aa9498a327e7218d58a593771
parent371f0f402aa2404bbabe36453114a04456a1454c (diff)
downloadgnutls-6003cb7e45921cc8ba2b6424f2b3132785e3b8b9.tar.gz
Do not allow null strings to be read from ASN.1 structures.
This corrects a null pointer dereference when parsing some specially crafted certificates. Issue discovered using the Codenomicon TLS test suite.
-rw-r--r--lib/x509/common.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/x509/common.c b/lib/x509/common.c
index 21c2d4fb9c..37c9087823 100644
--- a/lib/x509/common.c
+++ b/lib/x509/common.c
@@ -1028,9 +1028,8 @@ _gnutls_x509_read_value(ASN1_TYPE c, const char *root,
result = asn1_read_value_type(c, root, NULL, &len, &etype);
if (result == 0 && len == 0) {
- ret->data = NULL;
- ret->size = 0;
- return 0;
+ /* don't allow null strings */
+ return gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);
}
if (result != ASN1_MEM_ERROR) {
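Review bot: The new early return under `if (result == 0 && len == 0)` leaves `*ret` untouched, where the removed lines set it to an empty datum, so a caller that releases or inspects `ret` after a failure would see whatever it held before the call; the callers are outside this hunk, so this needs checking against them. Resetting the output first keeps the failure path defined: `ret->data = NULL; ret->size = 0;` ahead of `return gnutls_assert_val(GNUTLS_E_ASN1_DER_ERROR);`. The comment would also help more if it recorded the contract, e.g. `/* a zero-length value is rejected: success must never yield a NULL ret->data */`, because this reader looks shared and any caller that legitimately expects an empty value will now get an error. The body of _gnutls_x509_read_value starts and ends outside the hunk.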