authorGravatar Muxi Yan <muxi@users.noreply.github.com>2018-06-12 15:29:32 -0700
committerGravatar GitHub <noreply@github.com>2018-06-12 15:29:32 -0700
commitc54f607dd0c361555f96d0cb48de97a27cca0ba0 (patch)
tree38a2a94e918a801c096d183144c432d54608429f
parent7fb48fd7923182cf653dcc4ba4be7e55bacdb96b (diff)
parente05196d8190300cfa2ad77f2a25ffd97cfa8486d (diff)
Merge pull request #15554 from var-const/objc-cert-null-term
Fix out-of-bounds access loading pem files in Objective-C.
-rw-r--r--src/objective-c/GRPCClient/private/GRPCHost.m19
1 files changed, 12 insertions, 7 deletions
diff --git a/src/objective-c/GRPCClient/private/GRPCHost.m b/src/objective-c/GRPCClient/private/GRPCHost.m
index ac448d0696..f4b933751f 100644
--- a/src/objective-c/GRPCClient/private/GRPCHost.m
+++ b/src/objective-c/GRPCClient/private/GRPCHost.m
@@ -129,6 +129,14 @@ static NSMutableDictionary *kHostCache;
completionQueue:queue];
}
+- (NSData *)nullTerminatedDataWithString:(NSString *)string {
+ // dataUsingEncoding: does not return a null-terminated string.
+ NSData *data = [string dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ NSMutableData *nullTerminated = [NSMutableData dataWithData:data];
+ [nullTerminated appendBytes:"\0" length:1];
+ return nullTerminated;
+}
+
- (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCerts
withPrivateKey:(nullable NSString *)pemPrivateKey
withCertChain:(nullable NSString *)pemCertChain
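Review bot: `nullTerminatedDataWithString:` has no nil path: for a nil `string` the conversion returns nil, and `[NSMutableData dataWithData:nil]` followed by the append most likely yields a one-byte buffer holding only `\0`, so the caller receives an empty C string where it previously received a NULL `bytes` pointer. This matters in the last hunk, where the nullable `pemPrivateKey` and `pemCertChain` go through the helper into `key_cert_pair`; the condition guarding that branch is outside the visible lines, so whether only one of them can be nil there needs confirming. Adding `if (data == nil) return nil;` right after the `dataUsingEncoding:` call keeps the old nil-in, nil-out behaviour. The comment could also state why the terminator is needed, e.g. `// The C credentials API reads these buffers as C strings; dataUsingEncoding: does not append a terminating NUL.`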
@@ -150,13 +158,12 @@ static NSMutableDictionary *kHostCache;
kDefaultRootsError = error;
return;
}
- kDefaultRootsASCII =
- [contentInUTF8 dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ kDefaultRootsASCII = [self nullTerminatedDataWithString:contentInUTF8];
});
NSData *rootsASCII;
if (pemRootCerts != nil) {
- rootsASCII = [pemRootCerts dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ rootsASCII = [self nullTerminatedDataWithString:pemRootCerts];
} else {
if (kDefaultRootsASCII == nil) {
if (errorPtr) {
@@ -179,10 +186,8 @@ static NSMutableDictionary *kHostCache;
creds = grpc_ssl_credentials_create(rootsASCII.bytes, NULL, NULL);
} else {
grpc_ssl_pem_key_cert_pair key_cert_pair;
- NSData *privateKeyASCII =
- [pemPrivateKey dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
- NSData *certChainASCII =
- [pemCertChain dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ NSData *privateKeyASCII = [self nullTerminatedDataWithString:pemPrivateKey];
+ NSData *certChainASCII = [self nullTerminatedDataWithString:pemCertChain];
key_cert_pair.private_key = privateKeyASCII.bytes;
key_cert_pair.cert_chain = certChainASCII.bytes;
creds = grpc_ssl_credentials_create(rootsASCII.bytes, &key_cert_pair, NULL);
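Review bot: The private key is now copied twice inside the helper (the intermediate `NSData` and the `NSMutableData`), and neither copy is cleared before it is released after `grpc_ssl_credentials_create`. If the C call copies the PEM strings, which is not visible here, the helper could return `NSMutableData *` and this branch could call `[privateKeyASCII resetBytesInRange:NSMakeRange(0, privateKeyASCII.length)];` once `creds` has been created. This only narrows exposure, since the caller's `pemPrivateKey` string still holds the key. The enclosing method starts and ends outside the hunk, so the right place for the wipe depends on code not shown.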