[glib-networking/pgriffis/pkcs11-pin-termination] gnutls: Ensure that PKCS #11 pins are NUL terminated




commit 5294fce5f343a175a17ba88dd334f3a29f71b822
Author: Patrick Griffis <pgriffis igalia com>
Date:   Fri Jul 9 19:19:04 2021 -0500

    gnutls: Ensure that PKCS #11 pins are NUL terminated

 tls/gnutls/gtlsconnection-gnutls.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 3b574a52..54902666 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -335,10 +335,13 @@ on_pin_request (void         *userdata,
       {
         gsize password_size;
         const guchar *password_data = g_tls_password_get_value (password, &password_size);
-        if (password_size > pin_max)
+        if (password_size > pin_max - 1)
           g_info ("PIN is larger than max PIN size");
 
-        memcpy (pin, password_data, MIN (password_size, pin_max));
+        /* Ensure NUL-termination */
+        memset (pin, 0, pin_max);
+        memcpy (pin, password_data, MIN (password_size, pin_max - 1));
+
         ret = GNUTLS_E_SUCCESS;
     }
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]