s4:heimdal: import lorikeet-heimdal-200908050050 (commit 8714779fa7376fd9f7761587639e68b48afc8c9c)

This also adds a new hdb-glue.c file, to cope with Heimdal's
uncondtional enabling of SQLITE.

(Very reasonable, but not required for Samba4's use).

Andrew Bartlett

1 files changed, 14 insertions, 0 deletions

diff --git a/source4/heimdal/lib/asn1/der_get.c b/source4/heimdal/lib/asn1/der_get.c
index 8144639b9a..aee565040f 100644
--- a/source4/heimdal/lib/asn1/der_get.c
+++ b/source4/heimdal/lib/asn1/der_get.c
@@ -198,6 +198,13 @@ der_get_bmp_string (const unsigned char *p, size_t len,
     for (i = 0; i < data->length; i++) {
 	data->data[i] = (p[0] << 8) | p[1];
 	p += 2;
+	/* check for NUL in the middle of the string */
+	if (data->data[i] == 0 && i != (data->length - 1)) {
+	    free(data->data);
+	    data->data = NULL;
+	    data->length = 0;
+	    return ASN1_BAD_CHARACTER;
+	}
     }
     if (size) *size = len;
 
@@ -222,6 +229,13 @@ der_get_universal_string (const unsigned char *p, size_t len,
     for (i = 0; i < data->length; i++) {
 	data->data[i] = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
 	p += 4;
+	/* check for NUL in the middle of the string */
+	if (data->data[i] == 0 && i != (data->length - 1)) {
+	    free(data->data);
+	    data->data = NULL;
+	    data->length = 0;
+	    return ASN1_BAD_CHARACTER;
+	}
     }
     if (size) *size = len;
     return 0;