diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-05-26 22:12:19 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-05-26 22:18:29 +0200 |
| commit | 33f82322503a9eba8f2d848d2a21398207db4832 (patch) | |
| tree | 131dd2007484f767848e45c32440f22077b48fc7 /lib/x509 | |
| parent | 8c42d1029d7b47a176118d21c05c39eda3ea3f3d (diff) | |
| download | gnutls-33f82322503a9eba8f2d848d2a21398207db4832.tar.gz | |
Check the OID size for match when comparing for the OCSP nonce extension
Reported by Hanno Böck.
Diffstat (limited to 'lib/x509')
| -rw-r--r-- | lib/x509/ocsp_output.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/x509/ocsp_output.c b/lib/x509/ocsp_output.c index 8a15975cfe..fcee94142e 100644 --- a/lib/x509/ocsp_output.c +++ b/lib/x509/ocsp_output.c @@ -112,7 +112,8 @@ static void print_req(gnutls_buffer_st * str, gnutls_ocsp_req_t req) if (indx == 0) adds(str, "\tExtensions:\n"); - if (memcmp(oid.data, GNUTLS_OCSP_NONCE, oid.size) == 0) { + if (oid.size == sizeof(GNUTLS_OCSP_NONCE) && + memcmp(oid.data, GNUTLS_OCSP_NONCE, oid.size) == 0) { gnutls_datum_t nonce; unsigned int ncrit; @@ -478,7 +479,8 @@ print_resp(gnutls_buffer_st * str, gnutls_ocsp_resp_t resp, continue; } - if (memcmp(oid.data, GNUTLS_OCSP_NONCE, oid.size) == 0) { + if (oid.size == sizeof(GNUTLS_OCSP_NONCE) && + memcmp(oid.data, GNUTLS_OCSP_NONCE, oid.size) == 0) { gnutls_datum_t nonce; unsigned int ncrit; |