Fix encoding of invalid utf-8 strings in dn.c
authorWerner Koch <wk@gnupg.org>
Wed, 8 Apr 2015 16:51:21 +0000 (18:51 +0200)
committerWerner Koch <wk@gnupg.org>
Wed, 8 Apr 2015 16:51:21 +0000 (18:51 +0200)
commit243d12fdec66a4360fbb3e307a046b39b5b4ffc3
tree4e2cca82925e882b856d2635875b748189d11a50
parent792f4b36f998beba3515b776e8ca76ecbf20e468
Fix encoding of invalid utf-8 strings in dn.c

* src/dn.c (append_quoted, append_atv): Use snprintf.
(append_utf8_value): Fix invalid encoding handling.
--

An invalid utf-8 encoding will make the loop in append_utf8_value run
once more with N > length which is not found by the termination
condition and only the former assert terminates the process if the byte
following the bad encoding has the high bit cleared.  This will lead
to a read access out of bounds.

The patch removes the assert and fixes the handling of bad encoding.
Due to the new quoting the output of a badly encoded utf-8 string will
be different than in previous versions.

Replacing sprintf is only for cosmetic reasons.

Use "gpgsm --verify FILE" to exhibit the problem.  FILE is
-----BEGIN PGP ARMORED FILE-----

MDAGCSqGSIb3DQEHAqCAMDACAQExDzANBgkwMDAwMDAwMDAwADCABgkwMDAwMDAw
MDAAMDEwAgEwMDAwMDEwMDAGA1UEAwwB/4AwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
=NJTr
-----END PGP ARMORED FILE-----

Reported-by: Hanno Böck
Signed-off-by: Werner Koch <wk@gnupg.org>
src/dn.c