authorThiago Macieira <thiago.macieira@nokia.com>2009-08-07 13:17:05 +0200
committerThiago Macieira <thiago.macieira@nokia.com>2009-08-07 13:19:03 +0200
commit41d27eac40cecbc0067be9622c9bc1c579582a47 (patch)
tree1bd96796ed706f3198aca17fc8478b8d8d1a60d5 /tests/auto/qsslcertificate/tst_qsslcertificate.cpp
parent8efe6915c9a6dfa531ec39d5de7e8af34f76dc3c (diff)
Autotest: ensure we don't mishandle SSL certificates with NULs
This is a vulnerability in some implementations. Qt isn't affected because... well, we never implemented the decoding of escape sequences :-)
Diffstat (limited to 'tests/auto/qsslcertificate/tst_qsslcertificate.cpp')
-rw-r--r--tests/auto/qsslcertificate/tst_qsslcertificate.cpp17
1 files changed, 17 insertions, 0 deletions
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
index 7fd92d6358..80ac228f7a 100644
--- a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
@@ -100,6 +100,7 @@ private slots:
void fromPath();
void certInfo();
void task256066toPem();
+ void nulInCN();
// ### add tests for certificate bundles (multiple certificates concatenated into a single
// structure); both PEM and DER formatted
#endif
@@ -727,6 +728,22 @@ void tst_QSslCertificate::task256066toPem()
QCOMPARE(pem1, pem2);
}
+void tst_QSslCertificate::nulInCN()
+{
+ QList<QSslCertificate> certList =
+ QSslCertificate::fromPath(SRCDIR "more-certificates/badguy-nul-cn.crt");
+ QCOMPARE(certList.size(), 1);
+
+ const QSslCertificate &cert = certList.at(0);
+ QVERIFY(!cert.isNull());
+
+ QString cn = cert.subjectInfo(QSslCertificate::CommonName);
+ QVERIFY(cn != "www.bank.com");
+
+ static const char realCN[] = "www.bank.com\\x00.badguy.com";
+ QCOMPARE(cn, QString::fromLatin1(realCN, sizeof realCN - 1));
+}
+
#endif // QT_NO_OPENSSL
QTEST_MAIN(tst_QSslCertificate)
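Review bot: `QVERIFY(cn != "www.bank.com")` in nulInCN() would still pass if subjectInfo() ever started decoding the escape into a real embedded NUL, because the QString comparison is length-aware, whereas a consumer that hands the CN to a C-string API would then see it truncated to `www.bank.com`. Adding `QVERIFY(!cn.contains(QChar(QChar::Null)));` would state the protected property directly instead of leaving it implied by the exact-match QCOMPARE below. The `realCN` literal also deserves a comment such as `// the NUL must stay as the literal text "\x00"; decoding it would let C-string consumers see a truncated name`, since the doubled backslash is easy to mistake for a typo. The test covers only subjectInfo(CommonName); whether the peer-hostname check and the alternative-name accessors are exercised with this certificate is not visible in this hunk.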