#850 Wildcard cert name checking and null termination

SSL/TLS (37)

There's a new wildcard cert attack made public here:

I took a pass over the name matching code, and unless something in openssl or the code that gets at the subject names is somehow immune, the matching logic seems to be vulnerable. If not, feel free to close.

If a fix is needed, I think it will require capturing the actual length of the subject name to match with rather than relying on null terminated strings. I couldn't actually follow the current code very well, so I'm going to keep looking at it.


  • Daniel Stenberg

    Daniel Stenberg - 2009-08-01

    Thanks for the report, this problem is now fixed in CVS!

  • Daniel Stenberg

    Daniel Stenberg - 2009-08-01
    • status: open --> closed-fixed

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks