author | Konstantin Varlamov <varconst@google.com> | 2018-05-25 16:15:25 -0400 |
---|---|---|
committer | Konstantin Varlamov <varconst@google.com> | 2018-05-25 16:15:25 -0400 |
commit | a9b235a22489ca2629e45e2eca66384abcb9b73f (patch) | |
tree | c8ff36156f3d89bca76c8ea7f523cb72a110f55b /src/objective-c | |
parent | 35201969e806cc15a287338e21e44e9ec8072751 (diff) |
Fix out-of-bounds access loading pem files in Objective-C.
dataUsingEncoding: method of NSString does *not* return
a null-terminated string. Passing it to GRPC core results in an
out-of-bounds access when the resulting non-null-terminated buffer is
passed to strlen.
Diffstat (limited to 'src/objective-c')
-rw-r--r-- | src/objective-c/GRPCClient/private/GRPCHost.m | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/objective-c/GRPCClient/private/GRPCHost.m b/src/objective-c/GRPCClient/private/GRPCHost.m
index c3ea9afc37..308782c8b6 100644
--- a/src/objective-c/GRPCClient/private/GRPCHost.m
+++ b/src/objective-c/GRPCClient/private/GRPCHost.m
@@ -126,6 +126,13 @@ static NSMutableDictionary *kHostCache;
 completionQueue:queue];
 }
+- (NSData *)dataWithNsString:(NSString *)string {
+ NSData *data = [string dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ NSMutableData *nullTerminated = [NSMutableData dataWithData: data];
+ [nullTerminated appendBytes:"\0" length:1];
+ return nullTerminated;
+}
+
 - (BOOL)setTLSPEMRootCerts:(nullable NSString *)pemRootCerts
 withPrivateKey:(nullable NSString *)pemPrivateKey
 withCertChain:(nullable NSString *)pemCertChain
@@ -147,13 +154,12 @@ static NSMutableDictionary *kHostCache;
 kDefaultRootsError = error;
 return;
 }
- kDefaultRootsASCII =
- [contentInUTF8 dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ kDefaultRootsASCII = [self dataWithNsString:contentInUTF8];
 });
 NSData *rootsASCII;
 if (pemRootCerts != nil) {
- rootsASCII = [pemRootCerts dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ rootsASCII = [self dataWithNsString:pemRootCerts];
 } else {
 if (kDefaultRootsASCII == nil) {
 if (errorPtr) {
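Review bot: `dataWithNsString:` keeps `allowLossyConversion:YES`, so a PEM string containing non-ASCII characters is altered rather than rejected, and a NUL character already present in the string still ends the buffer early once core runs strlen on it. For trust roots and key material a malformed input is better reported than silently rewritten or truncated; consider `allowLossyConversion:NO` and returning nil so the call sites in the two later hunks can report an error. The helper also has no comment explaining the appended byte; something like `// gRPC core reads these buffers as C strings, so append a terminating NUL.` would keep a later cleanup from removing it. As a style point, it never uses `self`, so a class method or static function named for what it returns (for example `nullTerminatedDataWithString:`) would read better than an instance method.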
@@ -176,10 +182,8 @@ static NSMutableDictionary *kHostCache;
 creds = grpc_ssl_credentials_create(rootsASCII.bytes, NULL, NULL);
 } else {
 grpc_ssl_pem_key_cert_pair key_cert_pair;
- NSData *privateKeyASCII =
- [pemPrivateKey dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
- NSData *certChainASCII =
- [pemCertChain dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
+ NSData *privateKeyASCII = [self dataWithNsString:pemPrivateKey];
+ NSData *certChainASCII = [self dataWithNsString:pemCertChain];
 key_cert_pair.private_key = privateKeyASCII.bytes;
 key_cert_pair.cert_chain = certChainASCII.bytes;
 creds = grpc_ssl_credentials_create(rootsASCII.bytes, &key_cert_pair, NULL); |
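Review bot: A nil `pemPrivateKey` or `pemCertChain` no longer reaches core as a NULL pointer, because `dataWithNsString:` returns a non-nil buffer even when its argument is nil. Both parameters are declared `nullable`; on the removed lines a nil string produced nil `NSData` and therefore NULL `.bytes`, whereas the new lines would hand core an empty string (assuming `dataWithData:` tolerates a nil argument at all). The condition guarding this else branch is outside the hunk, so if it can be entered with only one of the two values set, the helper should begin with `if (string == nil) return nil;` or this branch should reject the half-configured pair through `errorPtr`. Note also that each call now leaves two heap copies of the private key, which matters if the surrounding code ever tries to limit how long key material stays in memory.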