solutions

Simon Josefsson simon at josefsson.org
Tue Aug 4 13:53:20 CEST 2009


Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

> Simon Josefsson wrote:
>
>>>    return 0;
>>>  }
>> 
>> Hi Nikos -- this code crashed the self-tests, but I fixed that.
>> 
>> However, isn't this the wrong way to address the real problem?  It seems
>> callers of the function should be fixed to be careful not to assume
>> decoded data does not contain NULs?
>
> A null byte there is really malicious (why would a string contain a null
> byte?).

The standards permit it...

> Maybe using '?' is not the right solution, though. However I don't
> think the callers of this function will be safe... even the
> description of it says that the string will be null terminated :( I'd
> suggest to use memcpy for the cases of the gnutls_str_cpy to avoid
> having certificates that return a smaller DN value...

The function already escapes strings as per RFC 2253 in some cases, so I
think it would be fine to escape any NUL byte with \00 which is as per
RFC 2253.  Then the string will be zero terminated and will look
correct.  Replacing NUL bytes with ? isn't perfect since it damages
information.  So to avoid similar issues, we'd also need to replace any
\ with \\ or \5C in the string.

I'm implementing this now.

/Simon
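
The escaping proposed in the message above, as an added example that is not part of the original post and not GnuTLS code: `escape_dn_value` is a hypothetical helper that handles only the two bytes discussed in the thread (NUL and backslash), and the sample value is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not a GnuTLS function): copy a decoded DN attribute
 * value of in_len bytes into out, writing NUL as \00 and backslash as \\
 * (RFC 2253 escapes), so the result is an unambiguous C string.
 * Returns the output length without the terminator, or -1 if out is too
 * small to hold the whole escaped value plus its terminator. */
static long escape_dn_value(const unsigned char *in, size_t in_len,
                            char *out, size_t out_size)
{
    size_t o = 0;

    if (out_size == 0)
        return -1;
    for (size_t i = 0; i < in_len; i++) {
        const char *rep = NULL;
        size_t need = 1;

        if (in[i] == 0x00) { rep = "\\00"; need = 3; }
        else if (in[i] == '\\') { rep = "\\\\"; need = 2; }

        /* o <= out_size - 1 always holds, so this cannot underflow. */
        if (need > out_size - 1 - o)
            return -1;
        if (rep != NULL)
            memcpy(out + o, rep, need);
        else
            out[o] = (char) in[i];
        o += need;
    }
    out[o] = '\0';
    return (long) o;
}

int main(void)
{
    /* Constructed sample: a 17-byte value with an embedded NUL. */
    static const unsigned char raw[] = "example.org\0.test";
    char buf[64];
    long n = escape_dn_value(raw, sizeof raw - 1, buf, sizeof buf);

    /* strlen() on the raw bytes stops at the NUL; the escaped copy does not. */
    printf("raw strlen=%zu, escaped=\"%s\" (len %ld)\n",
           strlen((const char *) raw), buf, n);
    return 0;
}
```

The caller must pass the decoded length explicitly; taking it from `strlen` on the raw bytes would truncate at the embedded NUL before the escaping ever runs.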




