Merge "NativeCrypto: reject non-IA5String altnames"

commit: 3661cb8bb53356560bd4616f5c615f8fbbacf587 [log] [tgz]
author: Kenny Root <kroot@google.com> Fri Mar 15 18:19:08 2013 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Mar 15 18:19:09 2013 +0000
tree: 2d0d01bb4730ce08f7c4fc014791033b97b70652
parent: 7ee4ba68c2e512989ad18bb52b1df2f9f85e6958 [diff]
parent: e4502a9efb6461e37784cac58235944ef0d0c0cb [diff]
diff --git a/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp b/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
index 56b771a..aafba3a 100644
--- a/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
+++ b/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp

@@ -3824,8 +3824,16 @@
     switch (gen->type) {
     case GEN_EMAIL:
     case GEN_DNS:
-    case GEN_URI:
-        return env->NewStringUTF(reinterpret_cast<char*>(ASN1_STRING_data(gen->d.ia5)));
+    case GEN_URI: {
+        // This must be an IA5String and must not contain NULLs.
+        char* data = reinterpret_cast<char*>(ASN1_STRING_data(gen->d.ia5));
+        if ((ASN1_STRING_type(gen->d.ia5) == V_ASN1_IA5STRING)
+                && (static_cast<size_t>(ASN1_STRING_length(gen->d.ia5)) == strlen(data))) {
+            return env->NewStringUTF(data);
+        } else {
+            return NULL;
+        }
+    }
     case GEN_DIRNAME:
         /* Write in RFC 2253 format */
         return X509_NAME_to_jstring(env, gen->d.directoryName, XN_FLAG_RFC2253);
commit	3661cb8bb53356560bd4616f5c615f8fbbacf587	[log] [tgz]
author	Kenny Root <kroot@google.com>	Fri Mar 15 18:19:08 2013 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Fri Mar 15 18:19:09 2013 +0000
tree	2d0d01bb4730ce08f7c4fc014791033b97b70652
parent	7ee4ba68c2e512989ad18bb52b1df2f9f85e6958 [diff]
parent	e4502a9efb6461e37784cac58235944ef0d0c0cb [diff]