From a3c789bd414c69c703c49a10b83acf81853f6df6 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 19 Aug 2021 12:23:38 +0100 Subject: [PATCH 7/9] Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings ASN.1 strings may not be NUL terminated. Don't assume they are. CVE-2021-3712 Reviewed-by: Viktor Dukhovni Reviewed-by: Paul Dale --- CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/t_spki.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/t_spki.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/t_spki.c index 51b56d0..64ee77e 100644 --- a/CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/t_spki.c +++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/asn1/t_spki.c @@ -38,7 +38,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) } chal = spki->spkac->challenge; if (chal->length) - BIO_printf(out, " Challenge String: %s\n", chal->data); + BIO_printf(out, " Challenge String: %.*s\n", chal->length, chal->data); i = OBJ_obj2nid(spki->sig_algor.algorithm); BIO_printf(out, " Signature Algorithm: %s", (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i)); -- 2.33.0