Fix encoding of invalid utf-8 strings in dn.c
243d12fdec66Unpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

Fix encoding of invalid utf-8 strings in dn.c

* src/dn.c (append_quoted, append_atv): Use snprintf.
(append_utf8_value): Fix invalid encoding handling.

An invalid utf-8 encoding will make the loop in append_utf8_value run
once more with N > length which is not found by the termination
condition and only the former assert terminates the process if the byte
following the bad encoding has the high bit cleared. This will lead
to a read access out of bounds.

The patch removes the assert and fixes the handling of bad encoding.
Due to the new quoting the output of a badly encoded utf-8 string will
be different than in previous versions.

Replacing sprintf is only for cosmetic reasons.

Use "gpgsm --verify FILE" to exhibit the problem. FILE is
-----BEGIN PGP ARMORED FILE-----

MDAGCSqGSIb3DQEHAqCAMDACAQExDzANBgkwMDAwMDAwMDAwADCABgkwMDAwMDAw
MDAAMDEwAgEwMDAwMDEwMDAGA1UEAwwB/4AwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw

NJTr

-----END PGP ARMORED FILE-----

Reported-by: Hanno Böck
Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance

• werner

Authored on Apr 8 2015, 6:51 PM

Parents

rK792f4b36f998: w32: Use -static-libgcc to avoid linking to libgcc_s_sjlj-1.dll.

Branches

Unknown

Tags

Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rK243d12fdec66: Fix encoding of invalid utf-8 strings in dn.c (authored by Werner Koch <wk@gnupg.org>).Apr 8 2015, 6:51 PM

Changes (1)

Path

Size

src/

dn.c

rK243d12fdec66

View Options

Fix encoding of invalid utf-8 strings in dn.c243d12fdec66UnpublishedActions