Hi,

I was trying to create a certificate with a URI SAN using
p5-io-socket-ssl and got a segfault in
lib/libcrypto/x509/x509_constraints.c:x509_constraints_uri_host()

  perl -MIO::Socket::SSL::Utils -le 'CERT_create
  ext=>[{sn=>"subjectAltName",data=>"URI:urn:open62541.server.application"}]'

I think it is a regression since the "Fix URI name constraints, allow
for URI's with no host part." change in
x509_constraints.c. x509_constraints_uri_host() is called from
x509_alt.c:v2i_GENERAL_NAME_ex() with NULL as hostpart, which cannot be
dereferenced.

The diff below adds a check for NULL and fixed the issue for me.


Best regards

Anton Borowka

Index: lib/libcrypto/x509/x509_constraints.c
===================================================================
RCS file: /cvs/src/lib/libcrypto/x509/x509_constraints.c,v
retrieving revision 1.29
diff -u -p -r1.29 x509_constraints.c
--- lib/libcrypto/x509/x509_constraints.c	11 Nov 2022 12:02:34 -0000	1.29
+++ lib/libcrypto/x509/x509_constraints.c	27 Nov 2022 15:05:04 -0000
@@ -530,7 +530,8 @@ x509_constraints_uri_host(uint8_t *uri, 
 		 * we indicate that we have a URI with an empty
 		 * host part, and succeed.
 		 */
-		*hostpart = strdup("");
+		if (hostpart != NULL)
+			*hostpart = strdup("");
 		return 1;
 	}
 	for (i = authority - uri; i < len; i++) {
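
Review bot: in the empty-host branch the result of strdup("") is still unchecked, so when hostpart is non-NULL and the allocation fails, the function returns 1 with *hostpart set to NULL, and a caller that trusts the success return may dereference it. Consider failing in that case, for example `if (hostpart != NULL && (*hostpart = strdup("")) == NULL) return 0;` (assuming 0 is this function's error return, as the "succeed" comment next to `return 1` suggests). Only this branch is visible in the hunk, so it is also worth confirming that any other store through hostpart further down in the function carries the same NULL guard, since the caller named in the report passes NULL.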
