diff options
author | Richard J. Moore <rich@kde.org> | 2015-01-31 14:44:14 +0000 |
---|---|---|
committer | Jeremy Lainé <jeremy.laine@m4x.org> | 2015-02-04 15:49:35 +0000 |
commit | 3bc5f8c08107bcf8b5c274411850a67aed92372d (patch) | |
tree | 0d8f73170f2072a0416799b94b6410240991f57c /src/network/ssl/qasn1element.cpp | |
parent | b10fa67605bc162cb5d6b608a2d83c48f4a7e27a (diff) |
Harden QAsn1Element against malicious ASN.1 strings.
We don't currently use this class for critical things like hostname
verification however we still want to ensure that it is not possible
to trick it using ASN.1 strings with embedded NUL characters. This will
avoid problems in the future.
Change-Id: Ibf3bc142a94fc9cad5f06db50f375399a087f9dc
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Diffstat (limited to 'src/network/ssl/qasn1element.cpp')
-rw-r--r-- | src/network/ssl/qasn1element.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/network/ssl/qasn1element.cpp b/src/network/ssl/qasn1element.cpp index f3f280d863..88f0ffb625 100644 --- a/src/network/ssl/qasn1element.cpp +++ b/src/network/ssl/qasn1element.cpp @@ -336,10 +336,15 @@ QByteArray QAsn1Element::toObjectName() const QString QAsn1Element::toString() const { + // Detect embedded NULs and reject + if (qstrlen(mValue) < uint(mValue.size())) + return QString(); + if (mType == PrintableStringType || mType == TeletexStringType) return QString::fromLatin1(mValue, mValue.size()); if (mType == Utf8StringType) return QString::fromUtf8(mValue, mValue.size()); + return QString(); } |