Skip to content

Commit

Permalink
[crypto] Check that common name contains no NUL characters
Browse files Browse the repository at this point in the history 
Signed-off-by: Michael Brown <mcb30@ipxe.org>
  • Loading branch information
@mcb30
mcb30 committed May 8, 2012
1 parent 0ad8b60 commit 6c8fcd4
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions src/crypto/x509.c
View file
Expand Up @@ -575,6 +575,15 @@ static int x509_parse_common_name ( struct x509_certificate *cert, char **name,
if ( ! *name )
return -ENOMEM;
memcpy ( *name, name_cursor.data, name_cursor.len );

/* Check that name contains no NULs */
if ( strlen ( *name ) != name_cursor.len ) {
DBGC ( cert, "X509 %p contains malicious commonName:\n",
cert );
DBGC_HDA ( cert, 0, raw->data, raw->len );
return rc;
}

return 0;
}

Expand Down

0 comments on commit 6c8fcd4

Please sign in to comment.