author | Thiago Macieira <thiago.macieira@nokia.com> | 2009-08-24 11:33:34 +0200 |
---|---|---|
committer | Thiago Macieira <thiago.macieira@nokia.com> | 2009-08-28 11:07:37 +0200 |
commit | 802d8c02eaa0aa9cd8d0c6cbd18cd814e6337bc6 (patch) | |
tree | e69c095056836dccbbf8138934614da542a8a003 /tests/auto/qsslcertificate/tst_qsslcertificate.cpp | |
parent | a3ddaf7eeead265d4a22bf9ae6508509d175cfd2 (diff) |
Fix parsing of Subject Alternate Names in Qt.
Simple misuse of QLatin1String. Use QString::fromLatin1 instead and
avoid the QByteArray temporary.
Reviewed-by: Andreas Aardal Hanssen
Tracking: CVE-2009-2700
Diffstat (limited to 'tests/auto/qsslcertificate/tst_qsslcertificate.cpp')
-rw-r--r-- | tests/auto/qsslcertificate/tst_qsslcertificate.cpp | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
index 73d7afda04..37ee27769d 100644
--- a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
@@ -101,6 +101,7 @@ private slots:
 void certInfo();
 void task256066toPem();
 void nulInCN();
+ void nulInSan();
 // ### add tests for certificate bundles (multiple certificates concatenated into a single
 // structure); both PEM and DER formatted
 #endif
@@ -744,6 +745,26 @@ void tst_QSslCertificate::nulInCN()
 QCOMPARE(cn, QString::fromLatin1(realCN, sizeof realCN - 1));
 }
 
+void tst_QSslCertificate::nulInSan()
+{
+ QList<QSslCertificate> certList =
+ QSslCertificate::fromPath(SRCDIR "more-certificates/badguy-nul-san.crt");
+ QCOMPARE(certList.size(), 1);
+
+ const QSslCertificate &cert = certList.at(0);
+ QVERIFY(!cert.isNull());
+
+ QMultiMap<QSsl::AlternateNameEntryType, QString> san = cert.alternateSubjectNames();
+ QVERIFY(!san.isEmpty());
+
+ QString dnssan = san.value(QSsl::DnsEntry);
+ QVERIFY(!dnssan.isEmpty());
+ QVERIFY(dnssan != "www.bank.com");
+
+ static const char realSAN[] = "www.bank.com\0.badguy.com";
+ QCOMPARE(dnssan, QString::fromLatin1(realSAN, sizeof realSAN - 1));
+}
+
 #endif // QT_NO_OPENSSL
 
 QTEST_MAIN(tst_QSslCertificate) |
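Review bot: In `nulInSan()`, `san.value(QSsl::DnsEntry)` reads only one of the DNS entries a QMultiMap can hold, so the truncation check covers a single name and would not notice if the parser also emitted a second, truncated entry. Pinning the whole set closes that gap: add `QCOMPARE(san.count(QSsl::DnsEntry), 1);` before reading the value, and `QVERIFY(!san.contains(QSsl::DnsEntry, QString::fromLatin1("www.bank.com")));` so that no entry can equal the spoofed host name. The existing `QVERIFY(dnssan != "www.bank.com")` depends on the implicit `const char *` to QString conversion and is subsumed by the final `QCOMPARE`; spelling the literal as `QLatin1String("www.bank.com")` keeps the test building under `QT_NO_CAST_FROM_ASCII`. A one-line comment above the function, for example `// CVE-2009-2700: a NUL embedded in a dNSName must not truncate the parsed entry`, would tell the next reader why the fixture holds `www.bank.com\0.badguy.com`.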