40 lines
1.3 KiB
Diff
40 lines
1.3 KiB
Diff
From b70f864940225dfe69f9f653f948e787f99c3810 Mon Sep 17 00:00:00 2001
|
|
From: Andreas Weigel <andreas.weigel@securepoint.de>
|
|
Date: Wed, 18 Oct 2023 04:14:31 +0000
|
|
Subject: [PATCH] Fix validation of certificates with CN=* (#1523)
|
|
|
|
The bug was discovered and detailed by Joshua Rogers at
|
|
https://megamansec.github.io/Squid-Security-Audit/
|
|
where it was filed as "Buffer UnderRead in SSL CN Parsing".
|
|
|
|
Conflict:NA
|
|
Reference:https://github.com/squid-cache/squid/commit/b70f864940225dfe69f9f653f948e787f99c3810
|
|
---
|
|
src/anyp/Uri.cc | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/src/anyp/Uri.cc b/src/anyp/Uri.cc
|
|
index 3eed2366abd..ef77d4f766b 100644
|
|
--- a/src/anyp/Uri.cc
|
|
+++ b/src/anyp/Uri.cc
|
|
@@ -175,6 +175,10 @@ urlInitialize(void)
|
|
assert(0 == matchDomainName("*.foo.com", ".foo.com", mdnHonorWildcards));
|
|
assert(0 != matchDomainName("*.foo.com", "foo.com", mdnHonorWildcards));
|
|
|
|
+ assert(0 != matchDomainName("foo.com", ""));
|
|
+ assert(0 != matchDomainName("foo.com", "", mdnHonorWildcards));
|
|
+ assert(0 != matchDomainName("foo.com", "", mdnRejectSubsubDomains));
|
|
+
|
|
/* more cases? */
|
|
}
|
|
|
|
@@ -828,6 +832,8 @@ matchDomainName(const char *h, const char *d, MatchDomainNameFlags flags)
|
|
return -1;
|
|
|
|
dl = strlen(d);
|
|
+ if (dl == 0)
|
|
+ return 1;
|
|
|
|
/*
|
|
* Start at the ends of the two strings and work towards the
|