luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-02-23 10:42:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

tlscertificate: Avoid possible invalid read

Browse Source 
In various places, do not read past the end of the data.
Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2416
This commit is contained in:
Peter Bloomfield 2021-06-04 11:16:46 -04:00 committed by Philip Withnall
parent 955d376b85
commit bdd36797fc
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
gio/gtlscertificate.c
View File

@ -286,6 +286,7 @@ parse_private_key (const gchar *data,
GError **error)
{
const gchar *header_start = NULL, *header_end, *footer_start = NULL, *footer_end;
const gchar *data_end = data + data_len;
header_end = g_strstr_len (data, data_len, PEM_PRIVKEY_HEADER_END);
if (header_end)
@ -322,7 +323,7 @@ parse_private_key (const gchar *data,
footer_end += strlen (PEM_PRIVKEY_FOOTER_END);
while (*footer_end == '\r' || *footer_end == '\n')
while ((footer_end < data_end) && (*footer_end == '\r' || *footer_end == '\n'))
footer_end++;
return g_strndup (header_start, footer_end - header_start);
@ -356,7 +357,7 @@ parse_next_pem_certificate (const gchar **data,
return NULL;
}
end += strlen (PEM_CERTIFICATE_FOOTER);
while (*end == '\r' || *end == '\n')
while ((end < data_end) && (*end == '\r' || *end == '\n'))
end++;
*data = end;
@ -388,7 +389,7 @@ parse_and_create_certificate_list (const gchar *data,
/* If we read one certificate successfully, let's see if we can read
* some more. If not, we will simply return a list with the first one.
*/
while (p && *p)
while (p < end && p && *p)
{
gchar *cert_pem;
GError *error = NULL;