From 968062b7d3a282467cef10bb687fe045b169eae2 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 3 Jan 2011 01:31:24 +0000 Subject: [PATCH] Fix escaping code for string printing. If *any* escaping is enabled we must escape the escape character itself (backslash). --- CHANGES | 9 ++++++++- crypto/asn1/a_strex.c | 17 ++++++++++++----- 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/CHANGES b/CHANGES index c75e514793..7c44f0d989 100644 --- a/CHANGES +++ b/CHANGES @@ -166,7 +166,14 @@ Add command line options to s_client/s_server. [Steve Henson] - Changes between 1.0.0b and 1.0.0c [xx XXX xxxx] + Changes between 1.0.0c and 1.0.0d [xx XXX xxxx] + + *) Fix bug in string printing code: if *any* escaping is enabled we must + escape the escape character (backslash) or the resulting string is + ambiguous. + [Steve Henson] + + Changes between 1.0.0b and 1.0.0c [2 Dec 2010] *) Fixed J-PAKE implementation error, originally discovered by Sebastien Martini, further info and confirmation from Stefan diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c index 7fc14d3296..264ebf2393 100644 --- a/crypto/asn1/a_strex.c +++ b/crypto/asn1/a_strex.c @@ -74,6 +74,11 @@ #define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253) +#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \ + ASN1_STRFLGS_ESC_QUOTE | \ + ASN1_STRFLGS_ESC_CTRL | \ + ASN1_STRFLGS_ESC_MSB) + /* Three IO functions for sending data to memory, a BIO and * and a FILE pointer. @@ -148,6 +153,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, ch if(!io_ch(arg, tmphex, 3)) return -1; return 3; } + /* If we get this far and do any escaping at all must escape + * the escape character itself: backslash. + */ + if (chtmp == '\\' && flags & ESC_FLAGS) { + if(!io_ch(arg, "\\\\", 2)) return -1; + return 2; + } if(!io_ch(arg, &chtmp, 1)) return -1; return 1; } @@ -292,11 +304,6 @@ static const signed char tag2nbyte[] = { 4, -1, 2 /* 28-30 */ }; -#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB) - /* This is the main function, print out an * ASN1_STRING taking note of various escape * and display options. Returns number of -- 2.25.1