diff options
author | Simon Josefsson <simon@josefsson.org> | 2009-06-22 11:30:05 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2009-06-22 11:30:05 +0200 |
commit | 2773e82dd323c2699f6846a7691bf4fba697703f (patch) | |
tree | 54652bdfa8981e90d2903d03830cb5b72229fe3d /lib/x509 | |
parent | a8ef0939642f38c2788fed35cbc5cc665786b408 (diff) | |
download | gnutls-2773e82dd323c2699f6846a7691bf4fba697703f.tar.gz |
Fix off-by-one size computation that leads to truncated strings.
Reported by Tim Kosse <tim.kosse@filezilla-project.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3651>.
Diffstat (limited to 'lib/x509')
-rw-r--r-- | lib/x509/dn.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/x509/dn.c b/lib/x509/dn.c index 662fd9f236..daf14dfece 100644 --- a/lib/x509/dn.c +++ b/lib/x509/dn.c @@ -36,7 +36,7 @@ */ /* Converts the given OID to an ldap acceptable string or - * a dotted OID. + * a dotted OID. */ static const char * oid2ldap_string (const char *oid) @@ -240,7 +240,8 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct, ldap_desc = oid2ldap_string (oid); printable = _gnutls_x509_oid_data_printable (oid); - sizeof_escaped = 2 * len + 1; + /* leading #, hex encoded value and terminating NULL */ + sizeof_escaped = 2 * len + 2; escaped = gnutls_malloc (sizeof_escaped); if (escaped == NULL) @@ -310,7 +311,7 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct, _gnutls_string_get_data( &out_str, buf, sizeof_buf); buf[*sizeof_buf] = 0; } - else + else *sizeof_buf = out_str.length; result = 0; |