From: Simon Josefsson Date: Tue, 4 Aug 2009 14:21:14 +0000 (+0200) Subject: Don't use fixed size buffer for strings. X-Git-Tag: gnutls_2_9_2~34 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=449e7d673e4527e5dc92a59be7653741099d4658;p=thirdparty%2Fgnutls.git Don't use fixed size buffer for strings. --- diff --git a/lib/x509/common.c b/lib/x509/common.c index 2d286f5f1a..3ec7509880 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -179,7 +179,7 @@ int _gnutls_x509_oid_data2string (const char *oid, void *value, int value_size, char *res, size_t * res_size) { - char str[MAX_STRING_LEN], tmpname[128]; + char *str, tmpname[128]; const char *ANAME = NULL; int CHOICE = -1, len = -1, result, i; ASN1_TYPE tmpasn = ASN1_TYPE_EMPTY; @@ -206,11 +206,11 @@ _gnutls_x509_oid_data2string (const char *oid, void *value, return GNUTLS_E_INTERNAL_ERROR; } - _gnutls_str_cpy (str, sizeof (str), "PKIX1."); - _gnutls_str_cat (str, sizeof (str), ANAME); + _gnutls_str_cpy (tmpname, sizeof (tmpname), "PKIX1."); + _gnutls_str_cat (tmpname, sizeof (tmpname), ANAME); if ((result = - asn1_create_element (_gnutls_get_pkix (), str, + asn1_create_element (_gnutls_get_pkix (), tmpname, &tmpasn)) != ASN1_SUCCESS) { gnutls_assert (); @@ -222,7 +222,7 @@ _gnutls_x509_oid_data2string (const char *oid, void *value, asn1_err)) != ASN1_SUCCESS) { gnutls_assert (); - _gnutls_x509_log ("asn1_der_decoding: %s:%s\n", str, asn1_err); + _gnutls_x509_log ("asn1_der_decoding: %s:%s\n", tmpname, asn1_err); asn1_delete_structure (&tmpasn); return _gnutls_asn2err (result); } @@ -230,28 +230,44 @@ _gnutls_x509_oid_data2string (const char *oid, void *value, /* If this is a choice then we read the choice. Otherwise it * is the value; */ - len = sizeof (str) - 1; + len = 0; + if ((result = asn1_read_value (tmpasn, "", NULL, &len)) != ASN1_MEM_ERROR) + { + gnutls_assert (); + asn1_delete_structure (&tmpasn); + return _gnutls_asn2err (result); + } + + len++; + str = gnutls_malloc (len); + if (str == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + if ((result = asn1_read_value (tmpasn, "", str, &len)) != ASN1_SUCCESS) - { /* CHOICE */ + { gnutls_assert (); asn1_delete_structure (&tmpasn); return _gnutls_asn2err (result); } + str[len] = '\0'; + if (CHOICE == 0) { - str[len] = 0; - if (res) _gnutls_str_cpy (res, *res_size, str); *res_size = len; + gnutls_free (str); + asn1_delete_structure (&tmpasn); } else { /* CHOICE */ int non_printable = 0, teletex = 0; - str[len] = 0; /* Note that we do not support strings other than * UTF-8 (thus ASCII as well). @@ -264,10 +280,26 @@ _gnutls_x509_oid_data2string (const char *oid, void *value, if (strcmp (str, "teletexString") == 0) teletex = 1; - _gnutls_str_cpy (tmpname, sizeof (tmpname), str); - len = sizeof (str) - 1; + gnutls_free (str); + + len = 0; + if ((result = + asn1_read_value (tmpasn, tmpname, NULL, &len)) != ASN1_MEM_ERROR) + { + asn1_delete_structure (&tmpasn); + return _gnutls_asn2err (result); + } + + len++; + str = gnutls_malloc (len); + if (str == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + if ((result = asn1_read_value (tmpasn, tmpname, str, &len)) != ASN1_SUCCESS) { @@ -308,6 +340,8 @@ _gnutls_x509_oid_data2string (const char *oid, void *value, return result; } } + + gnutls_free (str); } if (res)