fix certificate blob parsing vulnerability by using blob_parse_untrusted

blob_parse expects blobs from trusted inputs, but in this case it can be supplied with possibly malicious certificates from untrusted inputs as well, so in order to prevent such conditions, switch to blob_parse_untrusted which should hopefully handle such inputs appropriately. Signed-off-by: Petr Štetiar <ynezz@true.cz>
author: Petr Štetiar 2019-12-16 13:58:50 +0000
committer: Petr Štetiar 2019-12-16 19:52:58 +0000
commit: 14a279411cff06f9b1363711df4ec3b5db73f042 (patch)
tree: 2bb5f3bb7eb98683336661773856e92e1abab6e1
parent: 19a7225ac0188f3b3945b5608e02fc0101127bbd (diff)
download: ucert-14a279411cff06f9b1363711df4ec3b5db73f042.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/ucert.c b/ucert.c
index 76960a2..d822199 100644
--- a/ucert.c
+++ b/ucert.c
@@ -154,7 +154,7 @@ static int cert_load(const char *certfile, struct list_head *chain) {
 
 	bufpt = (struct blob_attr *)filebuf;
 	do {
-		pret = blob_parse(bufpt, certtb, cert_policy, CERT_ATTR_MAX);
+		pret = blob_parse_untrusted(bufpt, len, certtb, cert_policy, CERT_ATTR_MAX);
 		if (pret <= 0)
 			/* no attributes found */
 			break;
author	Petr Štetiar	2019-12-16 13:58:50 +0000
committer	Petr Štetiar	2019-12-16 19:52:58 +0000
commit	14a279411cff06f9b1363711df4ec3b5db73f042 (patch)
tree	2bb5f3bb7eb98683336661773856e92e1abab6e1
parent	19a7225ac0188f3b3945b5608e02fc0101127bbd (diff)
download	ucert-14a279411cff06f9b1363711df4ec3b5db73f042.tar.gz