Bug 1825496
| Summary: | Invalid serialization of rfc7512 URI | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Marc Becker <becm> | ||||||
| Component: | pkcs11-helper | Assignee: | Kalev Lember <klember> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 31 | CC: | dwmw2, klember, nmavrogi, smooge | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | All | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | pkcs11-helper-1.22-10.fc32 pkcs11-helper-1.22-10.fc30 pkcs11-helper-1.22-10.fc31 | Doc Type: | --- | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2020-05-01 04:06:15 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
Created attachment 1679913 [details]
trigger null-byte encoding for __token_attr_escape
FEDORA-2020-6ec6f8ed90 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6ec6f8ed90 FEDORA-2020-9b11b5520f has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-9b11b5520f FEDORA-2020-bd3a78919a has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd3a78919a FEDORA-2020-9b11b5520f has been pushed to the Fedora 31 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-9b11b5520f` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-9b11b5520f See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-bd3a78919a has been pushed to the Fedora 30 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-bd3a78919a` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd3a78919a See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-6ec6f8ed90 has been pushed to the Fedora 32 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-6ec6f8ed90` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-6ec6f8ed90 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-6ec6f8ed90 has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2020-bd3a78919a has been pushed to the Fedora 30 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2020-9b11b5520f has been pushed to the Fedora 31 stable repository. If problem still persists, please make note of it in this bug report. |
Created attachment 1679840 [details] Code to verify rfc7512 URI serialization result Description of problem: null-bytes are not serialized correctly Version-Release number of selected component (if applicable): 1.22-8 How reproducible: Use libpkc11-helper-1 to serialize PKCS11 IDs containing null bytes Steps to Reproduce: 1. Deserialize old token format "manufacturer/model/serial/token/0A00" 2. Serialize with Fedora version of pkcs11-helper library Actual results: Certificate serialized as "%0A" Expected results: Certificate serialized as "%0A%00" Additional info: pkcs11h-serialization.c:__token_attr_escape needs additional null-byte check. strchr(..., 0) accepts string terminator as valid match.