0003-Disallow-empty-wildcards-and-wildcards-at-TLD-level.patch (1649B)
1 From 7077cb239f9405b02b4db968dff0d2fa16698893 Mon Sep 17 00:00:00 2001
2 From: Michael Forney <mforney@mforney.org>
3 Date: Sat, 13 Nov 2021 11:28:29 -0800
4 Subject: [PATCH] Disallow empty wildcards and wildcards at TLD level
5
6 ---
7 src/x509/x509_minimal.c | 10 +++++++++-
8 src/x509/x509_minimal.t0 | 10 +++++++++-
9 2 files changed, 18 insertions(+), 2 deletions(-)
10
11 diff --git a/src/x509/x509_minimal.c b/src/x509/x509_minimal.c
12 index 04f149b..fc5fa6b 100644
13 --- a/src/x509/x509_minimal.c
14 +++ b/src/x509/x509_minimal.c
15 @@ -1474,13 +1474,21 @@ br_x509_minimal_run(void *t0ctx)
16 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') {
17 size_t u;
18
19 + u = 3;
20 + while (u <= n2 && CTX->pad[u] != '.') {
21 + u ++;
22 + }
23 + if (u > n2) {
24 + T0_PUSH(0);
25 + T0_RET();
26 + }
27 u = 0;
28 while (u < n1 && CTX->server_name[u] != '.') {
29 u ++;
30 }
31 u ++;
32 n1 -= u;
33 - if ((n2 - 2) == n1
34 + if (u > 1 && (n2 - 2) == n1
35 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1))
36 {
37 T0_PUSHi(-1);
38 diff --git a/src/x509/x509_minimal.t0 b/src/x509/x509_minimal.t0
39 index 80a3701..d3d01da 100644
40 --- a/src/x509/x509_minimal.t0
41 +++ b/src/x509/x509_minimal.t0
42 @@ -778,13 +778,21 @@ cc: match-server-name ( -- bool ) {
43 if (n2 >= 2 && CTX->pad[1] == '*' && CTX->pad[2] == '.') {
44 size_t u;
45
46 + u = 3;
47 + while (u <= n2 && CTX->pad[u] != '.') {
48 + u ++;
49 + }
50 + if (u > n2) {
51 + T0_PUSH(0);
52 + T0_RET();
53 + }
54 u = 0;
55 while (u < n1 && CTX->server_name[u] != '.') {
56 u ++;
57 }
58 u ++;
59 n1 -= u;
60 - if ((n2 - 2) == n1
61 + if (u > 1 && (n2 - 2) == n1
62 && eqnocase(&CTX->pad[3], CTX->server_name + u, n1))
63 {
64 T0_PUSHi(-1);
65 --
66 2.49.0
67
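Review bot: The two new checks in the `*.` branch of the first hunk carry no comment, and neither reads as the rule it enforces: `if (u > n2)` rejects a certificate name with no further label after the wildcard (a TLD-level wildcard such as `*.com`), and `u > 1` rejects the case where the scan of the server name stopped at index 0, i.e. its first label is empty or the name is empty, so the wildcard can never match an empty label. Since the subject line is the only place those rules are stated, I would put them next to the code, e.g. `/* Require at least one more label after "*.": reject TLD-level wildcards. */` above `u = 3;` and `/* u == 1 means the server name's first label is empty; a wildcard must not match an empty label. */` above the `if`. The same lines appear in the second hunk in src/x509/x509_minimal.t0, which looks like the source the .c is generated from, so the comments belong in both places. The loop bound `u <= n2` reads `CTX->pad[n2]`, which the existing `eqnocase(&CTX->pad[3], CTX->server_name + u, n1)` with `n1 == n2 - 2` already touches, so it is in range as far as this hunk shows. br_x509_minimal_run (and match-server-name in the .t0) continues outside the hunk on both sides.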