From 802d8c02eaa0aa9cd8d0c6cbd18cd814e6337bc6 Mon Sep 17 00:00:00 2001
From: Thiago Macieira <thiago.macieira@nokia.com>
Date: Mon, 24 Aug 2009 11:33:34 +0200
Subject: [PATCH] Fix parsing of Subject Alternate Names in Qt. Simple misuse of QLatin1String. Use QString::fromLatin1 instead and avoid the QByteArray temporary.
Reviewed-by: Andreas Aardal Hanssen
Tracking: CVE-2009-2700
---
 src/network/ssl/qsslcertificate.cpp | 2 +-
 .../more-certificates/badguy-nul-san.crt | 83 ++++++++++++++++++++
 tests/auto/qsslcertificate/tst_qsslcertificate.cpp | 21 +++++
 3 files changed, 105 insertions(+), 1 deletions(-)
 create mode 100644 tests/auto/qsslcertificate/more-certificates/badguy-nul-san.crt
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index d62c911..b5df35c 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -377,7 +377,7 @@ QMultiMap<QSsl::AlternateNameEntryType, QString> QSslCertificate::alternateSubje
 }
 const char *altNameStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(genName->d.ia5));
- const QString altName = QLatin1String(QByteArray(altNameStr, len));
+ const QString altName = QString::fromLatin1(altNameStr, len);
 if (genName->type == GEN_DNS)
 result.insert(QSsl::DnsEntry, altName);
 else if (genName->type == GEN_EMAIL)
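Review bot: The new `QString::fromLatin1(altNameStr, len)` line keeps an embedded NUL inside `altName`, so any caller that later converts the name back to a C string, or compares only up to the first NUL, would reintroduce the truncation this patch removes. A DNS or e-mail alternate name containing NUL is never legitimate, so consider dropping such entries right after the conversion with `if (altName.contains(QLatin1Char('\0'))) continue;` (this assumes the code sits in a per-name loop, which would start outside the hunk). A short comment on the conversion line, such as `// length-aware on purpose: QLatin1String(const char *) stops at the first NUL (CVE-2009-2700)`, would keep the explicit length from being simplified away later. The validation of `len` and the check of `genName->type` before `d.ia5` is read are not visible in this hunk, so both should be confirmed against the lines above it.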