SSL Certificate: don't crash when the END CERTIFICATE line ends without CRLF

If the file/data ends in the END CERTIFICATE line without a newline, the certificate is still valid. If it's followed by anything other than a newline, then it's no longer valid. Also add another test for the BEGIN CERTIFICATE ending without newline, to ensure we don't crash there either. Reviewed-By: Peter Hartmann
author: Thiago Macieira <thiago.macieira@nokia.com> 2010-01-20 20:06:32 (GMT)
committer: Thiago Macieira <thiago.macieira@nokia.com> 2010-01-21 13:14:22 (GMT)
commit: c86ab3fcedd3bcfa195d42d45fb732cb8315319d (patch)
tree: a38b1498211288ef300c7ea04050c440fc960434
parent: 0a9e29a58bd501af2e52f868386b27b29ebb1a72 (diff)
download: Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.zip
Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.tar.gz
Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.tar.bz2
5 files changed, 22 insertions, 4 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index 8993e72..9a9b1b5 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -696,11 +696,11 @@ QSslCertificate QSslCertificatePrivate::QSslCertificate_from_X509(X509 *x509)
 
 static bool matchLineFeed(const QByteArray &pem, int *offset)
 {
-    char ch = pem.at(*offset);
+    char ch;
 
     // ignore extra whitespace at the end of the line
-    while (ch == ' ' && *offset < pem.size())
-        ch = pem.at(++*offset);
+    while (*offset < pem.size() && (ch = pem.at(*offset)) == ' ')
+        ++*offset;
 
     if (ch == '\n') {
         *offset += 1;
@@ -732,7 +732,7 @@ QList<QSslCertificate> QSslCertificatePrivate::certificatesFromPem(const QByteAr
             break;
 
         offset = endPos + sizeof(ENDCERTSTRING) - 1;
-        if (!matchLineFeed(pem, &offset))
+        if (offset < pem.size() && !matchLineFeed(pem, &offset))
             break;
 
         QByteArray decoded = QByteArray::fromBase64(
diff --git a/tests/auto/qsslcertificate/more-certificates/malformed-just-begin-no-newline.pem b/tests/auto/qsslcertificate/more-certificates/malformed-just-begin-no-newline.pem
new file mode 100644
index 0000000..75f3c32
--- /dev/null
+++ b/tests/auto/qsslcertificate/more-certificates/malformed-just-begin-no-newline.pem
@@ -0,0 +1 @@
+-----BEGIN CERTIFICATE-----
+\ No newline at end of file
diff --git a/tests/auto/qsslcertificate/more-certificates/malformed-just-begin.pem b/tests/auto/qsslcertificate/more-certificates/malformed-just-begin.pem
new file mode 100644
index 0000000..a71aecf
--- /dev/null
+++ b/tests/auto/qsslcertificate/more-certificates/malformed-just-begin.pem
@@ -0,0 +1 @@
+-----BEGIN CERTIFICATE----- 
diff --git a/tests/auto/qsslcertificate/more-certificates/no-ending-newline.pem b/tests/auto/qsslcertificate/more-certificates/no-ending-newline.pem
new file mode 100644
index 0000000..f8056c7
--- /dev/null
+++ b/tests/auto/qsslcertificate/more-certificates/no-ending-newline.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE----- 
+MIIB8zCCAVwCAREwDQYJKoZIhvcNAQEFBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV 
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD 
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDcwNDE3MDc0MDI2WhcNMDcwNTE3 
+MDc0MDI2WjApMRowGAYDVQQDExFuYW1lL3dpdGgvc2xhc2hlczELMAkGA1UEBhMC 
+Tk8wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOud6QOsME+pWANExxgmL0iT 
+1ayg++hTxHsqAYnm/FoMxfUh+NdKkgJn2/GfNppinfPOSI667VqonU+7JBZDTLV5 
+CPbZIo9fFQpDJQN6naev4yaxU1VeYFfI7S8c8zYKeGSR+RenNNeLvfH80YxPpZZ1 
+snv8IfDH2V8MVxiyr7lLAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAleaU4pgzV6KY 
++q9QuXapUYMsC2GiNtDmkG3k+MTHUO8XlE4hqPrIM6rRf7zKQdZ950R2wL9FSnYl 
+Qm1Tdv38dCka6ivMBqvRuOt9axH3m0G7nzHL7U3zaCbtEx3yVln+b3yYtiVpTuq0 
+3MLrt7tQGAW6ra8ISf6YY1W65/uVXZE= 
+-----END CERTIFICATE-----
+\ No newline at end of file
diff --git a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
index 44f8522..c76c11f 100644
--- a/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
+++ b/tests/auto/qsslcertificate/tst_qsslcertificate.cpp
@@ -543,6 +543,9 @@ void tst_QSslCertificate::fromPath_data()
     QTest::newRow("\"d.*/c.*.pem\" wildcard der") << QString("d.*/c.*.pem") << int(QRegExp::Wildcard) << false << 0;
 
     QTest::newRow("trailing-whitespace") << QString("more-certificates/trailing-whitespace.pem") << int(QRegExp::FixedString) << true << 1;
+    QTest::newRow("no-ending-newline") << QString("more-certificates/no-ending-newline.pem") << int(QRegExp::FixedString) << true << 1;
+    QTest::newRow("malformed-just-begin") << QString("more-certificates/malformed-just-begin.pem") << int(QRegExp::FixedString) << true << 0;
+    QTest::newRow("malformed-just-begin-no-newline") << QString("more-certificates/malformed-just-begin-no-newline.pem") << int(QRegExp::FixedString) << true << 0;
 }
 
 void tst_QSslCertificate::fromPath()
author	Thiago Macieira <thiago.macieira@nokia.com>	2010-01-20 20:06:32 (GMT)
committer	Thiago Macieira <thiago.macieira@nokia.com>	2010-01-21 13:14:22 (GMT)
commit	c86ab3fcedd3bcfa195d42d45fb732cb8315319d (patch)
tree	a38b1498211288ef300c7ea04050c440fc960434
parent	0a9e29a58bd501af2e52f868386b27b29ebb1a72 (diff)
download	Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.zip Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.tar.gz Qt-c86ab3fcedd3bcfa195d42d45fb732cb8315319d.tar.bz2