Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1825496
Summary: | Invalid serialization of rfc7512 URI | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Marc Becker <becm> | ||||||
Component: | pkcs11-helper | Assignee: | Kalev Lember <klember> | ||||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | unspecified | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | 31 | CC: | dwmw2, klember, nmavrogi, smooge | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | All | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | pkcs11-helper-1.22-10.fc32 pkcs11-helper-1.22-10.fc30 pkcs11-helper-1.22-10.fc31 | Doc Type: | --- | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2020-05-01 04:06:15 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Created attachment 1679913 [details]
trigger null-byte encoding for __token_attr_escape
FEDORA-2020-6ec6f8ed90 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6ec6f8ed90 FEDORA-2020-9b11b5520f has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-9b11b5520f FEDORA-2020-bd3a78919a has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd3a78919a FEDORA-2020-9b11b5520f has been pushed to the Fedora 31 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-9b11b5520f` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-9b11b5520f See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-bd3a78919a has been pushed to the Fedora 30 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-bd3a78919a` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-bd3a78919a See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-6ec6f8ed90 has been pushed to the Fedora 32 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-6ec6f8ed90` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-6ec6f8ed90 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-6ec6f8ed90 has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2020-bd3a78919a has been pushed to the Fedora 30 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2020-9b11b5520f has been pushed to the Fedora 31 stable repository. If problem still persists, please make note of it in this bug report. |
Created attachment 1679840 [details] Code to verify rfc7512 URI serialization result Description of problem: null-bytes are not serialized correctly Version-Release number of selected component (if applicable): 1.22-8 How reproducible: Use libpkc11-helper-1 to serialize PKCS11 IDs containing null bytes Steps to Reproduce: 1. Deserialize old token format "manufacturer/model/serial/token/0A00" 2. Serialize with Fedora version of pkcs11-helper library Actual results: Certificate serialized as "%0A" Expected results: Certificate serialized as "%0A%00" Additional info: pkcs11h-serialization.c:__token_attr_escape needs additional null-byte check. strchr(..., 0) accepts string terminator as valid match.