
gnutls-1.4.1-10.el5_9.1.src.rpm

diff -up gnutls-1.4.1/lib/minitasn1/decoding.c.decoding gnutls-1.4.1/lib/minitasn1/decoding.c
--- gnutls-1.4.1/lib/minitasn1/decoding.c.decoding	2006-05-10 19:13:20.000000000 +0200
+++ gnutls-1.4.1/lib/minitasn1/decoding.c	2009-08-20 17:41:31.000000000 +0200
@@ -227,24 +227,25 @@ _asn1_get_time_der (const unsigned char 
 
 
 
-void
+static int
 _asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len,
 			char *str, int str_size)
 {
   int len_len, len, k;
+  int leading;
   char temp[20];
-  unsigned long val, val1;
+  unsigned long val, val1, prev_val;
 
   *ret_len = 0;
   if (str && str_size > 0)
     str[0] = 0;			/* no oid */
 
   if (str == NULL || der_len <= 0)
-    return;
+    return ASN1_GENERIC_ERROR;
   len = asn1_get_length_der (der, der_len, &len_len);
 
   if (len < 0 || len > der_len || len_len > der_len)
-    return;
+    return ASN1_DER_ERROR;
 
   val1 = der[len_len] / 40;
   val = der[len_len] - val1 * 40;
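Review bot: The bounds check kept as context, `if (len < 0 || len > der_len || len_len > der_len)`, compares `len` and `len_len` with `der_len` separately, so an encoding with `len_len + len > der_len` (or `len == 0` with `len_len == der_len`) still reaches `der[len_len]` here and `der[len_len + k]` in the loop, past the end of the buffer. Now that the function can report failure, I would tighten the check to `if (len <= 0 || len_len > der_len - len) return ASN1_DER_ERROR;`. The return type also changes from `void` to `int`; the callers are outside this patch, so confirm each one checks the result instead of relying on `*ret_len == 0`. The function body continues in the next hunk.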
@@ -253,19 +254,38 @@ _asn1_get_objectid_der (const unsigned c
   _asn1_str_cat (str, str_size, ".");
   _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp));
 
+  prev_val = 0;
   val = 0;
+  leading = 1;
   for (k = 1; k < len; k++)
     {
+      
+
+      /* X.690 mandates that the leading byte must never be 0x80
+       */
+      if (leading != 0 && der[len_len + k] == 0x80) return ASN1_DER_ERROR;
+      leading = 0;
+
+      /* check for wrap around */
       val = val << 7;
       val |= der[len_len + k] & 0x7F;
+
+      if (val < prev_val) return ASN1_DER_ERROR;
+
+      prev_val = val;
+
       if (!(der[len_len + k] & 0x80))
 	{
 	  _asn1_str_cat (str, str_size, ".");
 	  _asn1_str_cat (str, str_size, _asn1_ltostr (val, temp));
 	  val = 0;
+	  prev_val = 0;
+	  leading = 1;
 	}
     }
   *ret_len = len + len_len;
+  
+  return ASN1_SUCCESS;
 }
 
 
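Review bot: The wrap-around test `if (val < prev_val) return ASN1_DER_ERROR;` runs after `val = val << 7;`, and a shift that drops high bits can still leave a value larger than `prev_val`, so some overflowing sub-identifiers pass and are printed truncated. Checking before the shift is exact: `if (val > (~0UL >> 7)) return ASN1_DER_ERROR;` placed ahead of `val = val << 7;`, which also makes `prev_val` unnecessary. Separately, when the last content byte still has 0x80 set, the loop ends in the middle of a sub-identifier and the function returns `ASN1_SUCCESS`; `if (leading == 0) return ASN1_DER_ERROR;` after the loop would reject that. The `/* check for wrap around */` comment would read better directly above the comparison it describes.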
diff -up gnutls-1.4.1/lib/x509/common.c.decoding gnutls-1.4.1/lib/x509/common.c
--- gnutls-1.4.1/lib/x509/common.c.decoding	2006-04-04 14:28:44.000000000 +0200
+++ gnutls-1.4.1/lib/x509/common.c	2009-08-20 17:41:31.000000000 +0200
@@ -239,6 +239,10 @@ _gnutls_x509_oid_data2string (const char
     {
       str[len] = 0;
 
+      /* Refuse to deal with strings containing NULs. */
+      if (strlen (str) != len)
+	return GNUTLS_E_ASN1_DER_ERROR;
+
       if (res)
 	_gnutls_str_cpy (res, *res_size, str);
       *res_size = len;
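Review bot: The new rejection `return GNUTLS_E_ASN1_DER_ERROR;` returns without `gnutls_assert ();`, unlike the other error return of this function visible in the next hunk, so a certificate rejected for an embedded NUL leaves no trace in debug output. I would brace the branch and add the call, and do the same for the identical check added in the following hunk. The comparison `strlen (str) != len` also mixes `size_t` with `len`, whose declaration is outside the hunk; if `len` is signed, an explicit cast or a non-negative check would make the intent clear. The enclosing function starts and ends outside this hunk.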
@@ -288,22 +292,25 @@ _gnutls_x509_oid_data2string (const char
 	    non_printable = 0;
 	}
 
-      if (res)
+      if (non_printable == 0)
 	{
-	  if (non_printable == 0)
-	    {
-	      str[len] = 0;
-	      _gnutls_str_cpy (res, *res_size, str);
-	      *res_size = len;
-	    }
-	  else
+	  str[len] = 0;
+
+	  /* Refuse to deal with strings containing NULs. */
+	  if (strlen (str) != len)
+	    return GNUTLS_E_ASN1_DER_ERROR;
+
+	  if (res)
+	    _gnutls_str_cpy (res, *res_size, str);
+	  *res_size = len;
+	}
+      else
+	{
+	  result = _gnutls_x509_data2hex (str, len, res, res_size);
+	  if (result < 0)
 	    {
-	      result = _gnutls_x509_data2hex (str, len, res, res_size);
-	      if (result < 0)
-		{
-		  gnutls_assert ();
-		  return result;
-		}
+	      gnutls_assert ();
+	      return result;
 	    }
 	}
 
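Review bot: With the outer `if (res)` removed, the non-printable branch now calls `_gnutls_x509_data2hex (str, len, res, res_size)` even when `res` is NULL, which the old code never did. Whether that helper accepts a NULL output buffer is not visible here, so confirm it does before relying on this path as a size query. The printable branch likewise now writes `*res_size = len;` for a NULL `res`; a comment such as `/* res may be NULL: only *res_size is reported */` above `if (res)` would document the new contract. The enclosing function starts and ends outside this hunk.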
diff -up gnutls-1.4.1/lib/x509/dn.c.decoding gnutls-1.4.1/lib/x509/dn.c
--- gnutls-1.4.1/lib/x509/dn.c.decoding	2006-04-04 14:28:45.000000000 +0200
+++ gnutls-1.4.1/lib/x509/dn.c	2009-08-20 17:41:31.000000000 +0200
@@ -239,7 +239,8 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_st
 	  ldap_desc = oid2ldap_string (oid);
 	  printable = _gnutls_x509_oid_data_printable (oid);
 
-	  sizeof_escaped = 2 * len + 1;
+	  /* leading #, hex encoded value and terminating NULL */
+	  sizeof_escaped = 2 * len + 2;
 
 	  escaped = gnutls_malloc (sizeof_escaped);
 	  if (escaped == NULL)
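Review bot: The comment added above `sizeof_escaped = 2 * len + 2;` says "terminating NULL" where the NUL byte is meant; `/* leading '#', two hex digits per byte and the terminating NUL */` is more precise. The size is derived by hand from what the hex encoder writes, which is outside this hunk, so the two have to be kept in step. If `len` is signed and can be large, `2 * len + 2` should also be range-checked before the `gnutls_malloc`, but its type and bounds are not visible here.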
diff -up gnutls-1.4.1/lib/x509/rfc2818_hostname.c.decoding gnutls-1.4.1/lib/x509/rfc2818_hostname.c
--- gnutls-1.4.1/lib/x509/rfc2818_hostname.c.decoding	2006-03-21 17:11:25.000000000 +0100
+++ gnutls-1.4.1/lib/x509/rfc2818_hostname.c	2009-08-20 17:41:31.000000000 +0200
@@ -118,7 +118,8 @@ gnutls_x509_crt_check_hostname (gnutls_x
       if (ret == GNUTLS_SAN_DNSNAME)
 	{
 	  found_dnsname = 1;
-	  if (_gnutls_hostname_compare (dnsname, hostname))
+	  if (strlen(dnsname) == dnsnamesize && /* ignore dnsname with NUL characters */
+	      _gnutls_hostname_compare (dnsname, hostname))
 	    {
 	      return 1;
 	    }
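Review bot: `strlen(dnsname) == dnsnamesize` is only meaningful if `dnsname` is NUL-terminated and `dnsnamesize` excludes the terminator when the lookup returns, and that lookup is outside this hunk. A one-line comment stating the assumption would keep a later change from silently making every name fail or letting `strlen` run past the buffer. The same condition with the same trailing comment is repeated for the common-name path in the next hunk, so a small static helper taking `dnsname`, `dnsnamesize` and `hostname` would keep the two checks identical. The comment would also read better on its own line above the `if`, e.g. `/* skip names with embedded NUL bytes: the comparison would stop at the first NUL */`.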
@@ -136,10 +137,11 @@ gnutls_x509_crt_check_hostname (gnutls_x
 	{
 	  /* got an error, can't find a name 
 	   */
-	  return 1;
+	  return 0;
 	}
 
-      if (_gnutls_hostname_compare (dnsname, hostname))
+      if (strlen(dnsname) == dnsnamesize && /* ignore dnsname with NUL characters */
+	  _gnutls_hostname_compare (dnsname, hostname))
 	{
 	  return 1;
 	}
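Review bot: The comment above the corrected `return 0;` still reads "got an error, can't find a name" and does not say why 0 is the right answer. I would extend it to `/* got an error, can't find a name: treat as no match (fail closed) */` so that the earlier `return 1` is not reintroduced by someone reading 1 as the generic success value. The enclosing function starts and ends outside this hunk.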
diff -up gnutls-1.4.1/src/common.c.decoding gnutls-1.4.1/src/common.c
--- gnutls-1.4.1/src/common.c.decoding	2006-07-10 23:09:09.000000000 +0200
+++ gnutls-1.4.1/src/common.c	2009-08-20 17:41:08.000000000 +0200
@@ -88,7 +88,7 @@ print_x509_info (gnutls_session session,
 {
   gnutls_x509_crt crt;
   const gnutls_datum *cert_list;
-  size_t cert_list_size = 0;
+  unsigned int cert_list_size = 0;
   int ret;
   char digest[20];
   char serial[40];
@@ -111,7 +111,7 @@ print_x509_info (gnutls_session session,
       return;
     }
 
-  printf (" - Got a certificate list of %d certificates.\n\n",
+  printf (" - Got a certificate list of %u certificates.\n\n",
 	  cert_list_size);
 
   for (j = 0; j < (unsigned int) cert_list_size; j++)