From 1f365708a3318a5f1a395f90c38b584a58d37fb9 Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Wed, 18 Aug 2021 17:37:41 +0100
Subject: [PATCH] Fix test code to not assume NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni
Reviewed-by: Paul Dale
Reviewed-by: David Benjamin
---
 test/cmp_status_test.c | 3 ++-
 test/helpers/pkcs12.c | 7 +++++--
 test/x509_time_test.c | 10 ++++++----
 3 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/test/cmp_status_test.c b/test/cmp_status_test.c
index 6248cc9b32a..09a8e69181b 100644
--- a/test/cmp_status_test.c
+++ b/test/cmp_status_test.c
@@ -58,7 +58,8 @@ static int execute_PKISI_test(CMP_STATUS_TEST_FIXTURE *fixture)
 if (!TEST_ptr(statusString = sk_ASN1_UTF8STRING_value(ossl_cmp_pkisi_get0_statusString(si), 0))
- || !TEST_str_eq(fixture->text, (char *)statusString->data))
+ || !TEST_mem_eq(fixture->text, strlen(fixture->text),
+ (char *)statusString->data, statusString->length))
 goto end;
 if (!TEST_int_eq(fixture->pkifailure,
diff --git a/test/helpers/pkcs12.c b/test/helpers/pkcs12.c
index cb94be7b883..a87683dc950 100644
--- a/test/helpers/pkcs12.c
+++ b/test/helpers/pkcs12.c
@@ -479,12 +479,15 @@ static int check_asn1_string(const ASN1_TYPE *av, const char *txt)
 break;
 case V_ASN1_UTF8STRING:
- if (!TEST_str_eq(txt, (char *)av->value.utf8string->data))
+ if (!TEST_mem_eq(txt, strlen(txt), (char *)av->value.utf8string->data,
+ av->value.utf8string->length))
 goto err;
 break;
 case V_ASN1_OCTET_STRING:
- if (!TEST_str_eq(txt, (char *)av->value.octet_string->data))
+ if (!TEST_mem_eq(txt, strlen(txt),
+ (char *)av->value.octet_string->data,
+ av->value.octet_string->length))
 goto err;
 break;
diff --git a/test/x509_time_test.c b/test/x509_time_test.c
index d6f4330a555..711dfcb5b6d 100644
--- a/test/x509_time_test.c
+++ b/test/x509_time_test.c
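Review bot: In test/cmp_status_test.c, execute_PKISI_test now hands `fixture->text` to strlen() unconditionally, so a fixture without text would crash the test, whereas TEST_str_eq (if I read testutil correctly) tolerates a NULL argument and reports it as a comparison result. Whether any fixture leaves `text` unset cannot be seen here, because the function starts and ends outside the hunk. If it can happen, put `|| !TEST_ptr(fixture->text)` in front of the TEST_mem_eq call. The `strlen(txt)` calls added to check_asn1_string in test/helpers/pkcs12.c have the same exposure; the test/x509_time_test.c hunk is already guarded by the `expected_string` test in its enclosing `if`.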
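Review bot: In test/helpers/pkcs12.c, both new comparisons in check_asn1_string read `->data` and `->length` straight out of the string structure and keep a `(char *)` cast that a memory comparison does not need. Using the public accessors states the length-delimited contract directly, for example `ASN1_STRING_get0_data(av->value.utf8string), ASN1_STRING_length(av->value.utf8string)` as the last two arguments, and likewise for `octet_string`. The same style point holds for `statusString` in test/cmp_status_test.c and for `t` in test/x509_time_test.c. The switch continues outside the hunk, so any other case that still compares with TEST_str_eq is not visible here and is worth checking.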
@@ -382,10 +382,12 @@ static int test_x509_time(int idx)
 /* if t is not NULL but expected_string is NULL, it is an 'OK' case too */
 if (t != NULL && x509_format_tests[idx].expected_string) {
- if (!TEST_str_eq((const char *)t->data,
- x509_format_tests[idx].expected_string)) {
- TEST_info("test_x509_time(%d) failed: expected_string %s, got %s\n",
- idx, x509_format_tests[idx].expected_string, t->data);
+ if (!TEST_mem_eq((const char *)t->data, t->length,
+ x509_format_tests[idx].expected_string,
+ strlen(x509_format_tests[idx].expected_string))) {
+ TEST_info("test_x509_time(%d) failed: expected_string %s, got %.*s\n",
+ idx, x509_format_tests[idx].expected_string, t->length,
+ t->data);
 goto out;
 }
 }
-- 2.47.2
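Review bot: Nothing in the new lines of test_x509_time records why the comparison and the `%.*s` print are bounded by `t->length`, so a later tidy-up could switch back to TEST_str_eq or `%s` and read past the end of the buffer again. A one-line comment above the inner `if` would pin that down: `/* t->data need not be NUL terminated: compare and print it by t->length */`. Note also that `%.*s` expects an `int` precision and treats a negative one as absent, so it only bounds the read while `t->length` is a non-negative int; its declaration is outside the hunk. The function itself starts and ends outside the hunk.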