From 802d8c02eaa0aa9cd8d0c6cbd18cd814e6337bc6 Mon Sep 17 00:00:00 2001
From: Thiago Macieira
Date: Mon, 24 Aug 2009 11:33:34 +0200
Subject: Fix parsing of Subject Alternate Names in Qt. Simple misuse of QLatin1String. Use QString::fromLatin1 instead and avoid the QByteArray temporary.
Reviewed-by: Andreas Aardal Hanssen
Tracking: CVE-2009-2700
---
 tests/auto/qsslcertificate/tst_qsslcertificate.cpp | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+) (limited to 'tests/auto/qsslcertificate/tst_qsslcertificate.cpp')
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
index 73d7afda04..37ee27769d 100644
--- a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
@@ -101,6 +101,7 @@ private slots:
 void certInfo();
 void task256066toPem();
 void nulInCN();
+ void nulInSan();
 // ### add tests for certificate bundles (multiple certificates concatenated into a single
 // structure); both PEM and DER formatted
 #endif
@@ -744,6 +745,26 @@ void tst_QSslCertificate::nulInCN()
 QCOMPARE(cn, QString::fromLatin1(realCN, sizeof realCN - 1));
 }
+void tst_QSslCertificate::nulInSan()
+{
+ QList certList =
+ QSslCertificate::fromPath(SRCDIR "more-certificates/badguy-nul-san.crt");
+ QCOMPARE(certList.size(), 1);
+
+ const QSslCertificate &cert = certList.at(0);
+ QVERIFY(!cert.isNull());
+
+ QMultiMap san = cert.alternateSubjectNames();
+ QVERIFY(!san.isEmpty());
+
+ QString dnssan = san.value(QSsl::DnsEntry);
+ QVERIFY(!dnssan.isEmpty());
+ QVERIFY(dnssan != "www.bank.com");
+
+ static const char realSAN[] = "www.bank.com\0.badguy.com";
+ QCOMPARE(dnssan, QString::fromLatin1(realSAN, sizeof realSAN - 1));
+}
+
 #endif // QT_NO_OPENSSL
 QTEST_MAIN(tst_QSslCertificate)
--
cgit v1.2.3
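Review bot: In nulInSan() only one DNS entry is inspected, because `san.value(QSsl::DnsEntry)` on a multi-map returns a single value. If the fixture carries more than one dNSName, a truncated `www.bank.com` entry could sit beside the one being compared and the test would still pass. Checking every entry closes that gap, for example `foreach (const QString &name, san.values(QSsl::DnsEntry)) QVERIFY(name != QLatin1String("www.bank.com"));`, which also drops the implicit `const char *` conversion in `dnssan != "www.bank.com"`. A short comment above the function would help later readers: it should say that the certificate embeds a NUL in its subjectAltName and that the parsed name must keep the bytes after it (CVE-2009-2700), which is why the exact-length QCOMPARE matters. The fix to alternateSubjectNames() is not in this patch, so whether e-mail entries take the same code path and need a matching test is worth confirming.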