Harden QAsn1Element against malicious ASN.1 strings.

We don't currently use this class for critical things like hostname verification however we still want to ensure that it is not possible to trick it using ASN.1 strings with embedded NUL characters. This will avoid problems in the future. Change-Id: Ibf3bc142a94fc9cad5f06db50f375399a087f9dc Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org> Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com> Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
author: Richard J. Moore <rich@kde.org> 2015-01-31 14:44:14 +0000
committer: Jeremy Lainé <jeremy.laine@m4x.org> 2015-02-04 15:49:35 +0000
commit: 3bc5f8c08107bcf8b5c274411850a67aed92372d (patch)
tree: 0d8f73170f2072a0416799b94b6410240991f57c /src
parent: b10fa67605bc162cb5d6b608a2d83c48f4a7e27a (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/src/network/ssl/qasn1element.cpp b/src/network/ssl/qasn1element.cpp
index f3f280d863..88f0ffb625 100644
--- a/src/network/ssl/qasn1element.cpp
+++ b/src/network/ssl/qasn1element.cpp
@@ -336,10 +336,15 @@ QByteArray QAsn1Element::toObjectName() const
 
 QString QAsn1Element::toString() const
 {
+    // Detect embedded NULs and reject
+    if (qstrlen(mValue) < uint(mValue.size()))
+        return QString();
+
     if (mType == PrintableStringType || mType == TeletexStringType)
         return QString::fromLatin1(mValue, mValue.size());
     if (mType == Utf8StringType)
         return QString::fromUtf8(mValue, mValue.size());
+
     return QString();
 }
author	Richard J. Moore <rich@kde.org>	2015-01-31 14:44:14 +0000
committer	Jeremy Lainé <jeremy.laine@m4x.org>	2015-02-04 15:49:35 +0000
commit	3bc5f8c08107bcf8b5c274411850a67aed92372d (patch)
tree	0d8f73170f2072a0416799b94b6410240991f57c /src
parent	b10fa67605bc162cb5d6b608a2d83c48f4a7e27a (diff)