From a9f98e0891b02c2a270f2baeb5c194e0ded38b63 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 13 Apr 2021 16:10:45 +0200 Subject: [PATCH 1/2] Escape TLS certificate DNs that are invalid UTF-8 The subject and issuer DNs are checked whether they are valid UTF-8 before storing them in the database. If they are not, all non-ASCII characters are escaped. --- src/manage_migrators.c | 4 ++-- src/manage_sql_tls_certificates.c | 4 ++-- src/sql.c | 37 +++++++++++++++++++++++++++++++ src/sql.h | 3 +++ 4 files changed, 44 insertions(+), 4 deletions(-) diff --git a/src/manage_migrators.c b/src/manage_migrators.c index c7a09751a..346f61941 100644 --- a/src/manage_migrators.c +++ b/src/manage_migrators.c @@ -851,9 +851,9 @@ make_tls_certificate_214 (user_t owner, quoted_certificate_b64 = certificate_b64 ? sql_quote (certificate_b64) : NULL; quoted_subject_dn - = subject_dn ? sql_quote (subject_dn) : NULL; + = subject_dn ? sql_ascii_escape_and_quote (subject_dn) : NULL; quoted_issuer_dn - = issuer_dn ? sql_quote (issuer_dn) : NULL; + = issuer_dn ? sql_ascii_escape_and_quote (issuer_dn) : NULL; quoted_md5_fingerprint = md5_fingerprint ? sql_quote (md5_fingerprint) : NULL; quoted_sha256_fingerprint diff --git a/src/manage_sql_tls_certificates.c b/src/manage_sql_tls_certificates.c index 64e18bc3e..81263e429 100644 --- a/src/manage_sql_tls_certificates.c +++ b/src/manage_sql_tls_certificates.c @@ -585,9 +585,9 @@ make_tls_certificate (const char *name, quoted_sha256_fingerprint = sql_quote (sha256_fingerprint ? sha256_fingerprint : ""); quoted_subject_dn - = sql_quote (subject_dn ? subject_dn : ""); + = sql_ascii_escape_and_quote (subject_dn ? subject_dn : ""); quoted_issuer_dn - = sql_quote (issuer_dn ? issuer_dn : ""); + = sql_ascii_escape_and_quote (issuer_dn ? issuer_dn : ""); quoted_serial = sql_quote (serial ? serial : ""); diff --git a/src/sql.c b/src/sql.c index 33f7789c9..cd72c31a1 100644 --- a/src/sql.c +++ b/src/sql.c @@ -140,6 +140,43 @@ sql_quote (const char* string) return sql_nquote (string, strlen (string)); } +/** + * @brief Quotes a string for use in SQL statements, also ASCII escaping it + * if it is not valid UTF-8. + * + * @param[in] string String to quote, has to be \\0 terminated. + * + * @return Freshly allocated, quoted string. Free with g_free. + */ +gchar* +sql_ascii_escape_and_quote (const char* string) +{ + gchar *quoted_string; + + assert (string); + + if (string == NULL) + { + return NULL; + } + else if (g_utf8_validate (string, -1, NULL)) + { + // Quote valid UTF-8 without ASCII escaping + quoted_string = sql_quote (string); + } + else + { + // Assume invalid UTF-8 uses a different, unknown encoding and + // ASCII-escape it. + gchar *escaped_string; + escaped_string = g_strescape (string, ""); + quoted_string = sql_quote (escaped_string); + g_free (escaped_string); + } + + return quoted_string; +} + /** * @brief Get the SQL insert expression for a string. * diff --git a/src/sql.h b/src/sql.h index f193d35da..377a16519 100644 --- a/src/sql.h +++ b/src/sql.h @@ -79,6 +79,9 @@ sql_nquote (const char *, size_t); gchar * sql_quote (const char *); +gchar * +sql_ascii_escape_and_quote (const char *); + gchar * sql_insert (const char *); From 4932488afcfeb41a4d17333c135e7408077e8aaf Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Tue, 13 Apr 2021 16:41:12 +0200 Subject: [PATCH 2/2] Add CHANGELOG entry for certificate DN escaping --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5349c8b32..0cdc2eb56 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Fix size calculation in `--optimize vacuum` [#1447](https://github.com/greenbone/gvmd/pull/1447) - Fix report host end time check in CVE scans [#1462](https://github.com/greenbone/gvmd/pull/1462) - Fix "not regexp ..." filters [#1482](https://github.com/greenbone/gvmd/pull/1482) +- Escape TLS certificate DNs that are invalid UTF-8 [#1486](https://github.com/greenbone/gvmd/pull/1486) ### Removed