diff options
author | Matt Caswell <matt@openssl.org> | 2021-08-18 17:37:41 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-08-24 14:22:06 +0100 |
commit | 1f365708a3318a5f1a395f90c38b584a58d37fb9 (patch) | |
tree | 63f8f2b9cbe96056c3f136621de4d3097bd6d049 /test/helpers | |
parent | 95f8c1e142df835d03b5b62521383a462fc5470d (diff) | |
download | openssl-new-1f365708a3318a5f1a395f90c38b584a58d37fb9.tar.gz |
Fix test code to not assume NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'test/helpers')
-rw-r--r-- | test/helpers/pkcs12.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/test/helpers/pkcs12.c b/test/helpers/pkcs12.c index cb94be7b88..a87683dc95 100644 --- a/test/helpers/pkcs12.c +++ b/test/helpers/pkcs12.c @@ -479,12 +479,15 @@ static int check_asn1_string(const ASN1_TYPE *av, const char *txt) break; case V_ASN1_UTF8STRING: - if (!TEST_str_eq(txt, (char *)av->value.utf8string->data)) + if (!TEST_mem_eq(txt, strlen(txt), (char *)av->value.utf8string->data, + av->value.utf8string->length)) goto err; break; case V_ASN1_OCTET_STRING: - if (!TEST_str_eq(txt, (char *)av->value.octet_string->data)) + if (!TEST_mem_eq(txt, strlen(txt), + (char *)av->value.octet_string->data, + av->value.octet_string->length)) goto err; break; |