[glib-networking/glib-2-68] gnutls: Ensure that PKCS #11 pins are NUL terminated

From: Michael Catanzaro <mcatanzaro src gnome org>
To: commits-list gnome org
Cc:
Subject: [glib-networking/glib-2-68] gnutls: Ensure that PKCS #11 pins are NUL terminated
Date: Sun, 11 Jul 2021 15:20:50 +0000 (UTC)

commit 0a969431e8f4845d3a827f51d12d56f8683cc7f7
Author: Patrick Griffis <pgriffis igalia com>
Date:   Fri Jul 9 19:19:04 2021 -0500

    gnutls: Ensure that PKCS #11 pins are NUL terminated

 tls/gnutls/gtlsconnection-gnutls.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 369a360d..41524000 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -260,10 +260,13 @@ on_pin_request (void         *userdata,
       {
         gsize password_size;
         const guchar *password_data = g_tls_password_get_value (password, &password_size);
-        if (password_size > pin_max)
+        if (password_size > pin_max - 1)
           g_info ("PIN is larger than max PIN size");
 
-        memcpy (pin, password_data, MIN (password_size, pin_max));
+        /* Ensure NUL-termination */
+        memset (pin, 0, pin_max);
+        memcpy (pin, password_data, MIN (password_size, pin_max - 1));
+
         ret = GNUTLS_E_SUCCESS;
     }

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]