mirror of
https://github.com/nodejs/node.git
synced 2024-11-21 10:59:27 +00:00
a336444c7f
When subject and verifier are represented as strings, escape special characters (such as '+') to guarantee unambiguity. Previously, different distinguished names could result in the same string when encoded. In particular, inserting a '+' in a single-value Relative Distinguished Name (e.g., L or OU) would produce a string that is indistinguishable from a multi-value Relative Distinguished Name. Third-party code that correctly interprets the generated string representation as a multi-value Relative Distinguished Name could then be vulnerable to an injection attack, e.g., when an attacker includes a single-value RDN with type OU and value 'HR + CN=example.com', the string representation produced by unpatched versions of Node.js would be 'OU=HR + CN=example.com', which represents a multi-value RDN. Node.js itself is not vulnerable to this attack because the current implementation that parses such strings into objects does not handle '+' at all. This oversight leads to incorrect results, but at the same time appears to prevent injection attacks (as described above). With this change, the JavaScript objects representing the subject and issuer Relative Distinguished Names are constructed in C++ directly, instead of (incorrectly) encoding them as strings and then (incorrectly) decoding the strings in JavaScript. This addresses CVE-2021-44533. CVE-ID: CVE-2021-44533 PR-URL: https://github.com/nodejs-private/node-private/pull/300 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Rich Trott <rtrott@gmail.com> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| alt-0-cert.pem | ||
| alt-1-cert.pem | ||
| alt-2-cert.pem | ||
| alt-3-cert.pem | ||
| alt-4-cert.pem | ||
| alt-5-cert.pem | ||
| alt-6-cert.pem | ||
| alt-7-cert.pem | ||
| alt-8-cert.pem | ||
| alt-9-cert.pem | ||
| alt-10-cert.pem | ||
| alt-11-cert.pem | ||
| alt-12-cert.pem | ||
| alt-13-cert.pem | ||
| alt-14-cert.pem | ||
| alt-15-cert.pem | ||
| alt-16-cert.pem | ||
| alt-17-cert.pem | ||
| alt-18-cert.pem | ||
| alt-19-cert.pem | ||
| alt-20-cert.pem | ||
| alt-21-cert.pem | ||
| alt-22-cert.pem | ||
| alt-23-cert.pem | ||
| alt-24-cert.pem | ||
| alt-25-cert.pem | ||
| alt-26-cert.pem | ||
| alt-27-cert.pem | ||
| alt-28-cert.pem | ||
| alt-29-cert.pem | ||
| alt-30-cert.pem | ||
| create-certs.js | ||
| info-0-cert.pem | ||
| info-1-cert.pem | ||
| info-2-cert.pem | ||
| info-3-cert.pem | ||
| info-4-cert.pem | ||
| package.json | ||
| server-key.pem | ||
| subj-0-cert.pem | ||
| subj-1-cert.pem | ||
| subj-2-cert.pem | ||
| subj-3-cert.pem | ||
| subj-4-cert.pem | ||
| subj-5-cert.pem | ||
| subj-6-cert.pem | ||
| subj-7-cert.pem | ||
| subj-8-cert.pem | ||
| subj-9-cert.pem | ||