| author | Roland Shoemaker <bracewell@google.com> | 2026-02-11 14:49:13 -0800 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2026-03-05 16:12:58 -0800 |
| commit | e792d6aa952dbfdd3e8eac6f7abc3efd9df09030 (patch) | |
| tree | 127726da77f2a6b59fd121ca8691eeaf767c4c4d /src | |
| parent | a761c9ff70fec8e1089897eebd104a8f31cff2d3 (diff) | |
| download | go-e792d6aa952dbfdd3e8eac6f7abc3efd9df09030.tar.xz | |
[release-branch.go1.26] crypto/x509: fix name constraint checking panic
Apparently we allow empty dNSName SANs (e.g. a domain name of ""), which
causes the excluded domain name wildcard checking to panic, because we
assume names are always non-empty. RFC 5280 appears to say the empty
string should not be accepted, although it confusingly refers to this as
" " (a single space). We should probably not allow that when creating
certificates, and possibly when creating them as well (1.27 I guess).
Thanks to Jakub Ciolek for reporting this issue.
Updates #77953
Fixes #77974
Fixes CVE-2026-27138
Change-Id: I4fb213a5450470969a7436cba09b71fd1755a6af
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3420
Reviewed-by: Neal Patel <nealpatel@google.com>
Reviewed-by: Nicholas Husin <husin@google.com>
Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3621
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/752083
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Bypass: Gopher Robot <gobot@golang.org>
Auto-Submit: Gopher Robot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
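The failure the commit message describes is an index into a string that was assumed non-empty. The following Go program is an added illustration, not code from the Go repository: it reduces the wildcard check to a string-level helper, shows that the unguarded form panics on an empty dNSName while the guarded form does not, and adds the parse-time rejection of empty names that the message suggests. `trimFirstLabel`, `wildcardParentUnguarded`, `wildcardParentGuarded`, `panics` and `rejectEmptyDNSNames` are names chosen here and are assumptions, not Go's own API.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// trimFirstLabel drops the leftmost DNS label ("*.a.b" -> "a.b").
// Assumed helper modelled on the name used in the commit; not Go's own code.
func trimFirstLabel(s string) string {
	if i := strings.IndexByte(s, '.'); i >= 0 {
		return s[i+1:]
	}
	return ""
}

// wildcardParentUnguarded mirrors the shape of the pre-fix check: it reads
// s[0] without first confirming that s is non-empty, so "" panics.
func wildcardParentUnguarded(s string) (string, bool) {
	if s[0] == '*' {
		return trimFirstLabel(s), true
	}
	return "", false
}

// wildcardParentGuarded is the same check with the length guard the fix adds.
func wildcardParentGuarded(s string) (string, bool) {
	if len(s) > 0 && s[0] == '*' {
		return trimFirstLabel(s), true
	}
	return "", false
}

// panics reports whether fn panics; used only to demonstrate the failure mode.
func panics(fn func()) (didPanic bool) {
	defer func() {
		if recover() != nil {
			didPanic = true
		}
	}()
	fn()
	return false
}

var errEmptyDNSName = errors.New("x509: empty dNSName SAN is not permitted")

// rejectEmptyDNSNames is the parse-time check the commit message proposes:
// refuse a dNSName SAN list that contains "" before any constraint logic runs.
func rejectEmptyDNSNames(dnsNames []string) error {
	for _, n := range dnsNames {
		if n == "" {
			return errEmptyDNSName
		}
	}
	return nil
}

func main() {
	// Constructed sample SAN values; "" is the input that triggered the panic.
	for _, name := range []string{"*.example.com", "example.com", ""} {
		p := panics(func() { wildcardParentUnguarded(name) })
		parent, ok := wildcardParentGuarded(name)
		fmt.Printf("%q: unguarded panics=%v guarded=(%q,%v)\n", name, p, parent, ok)
	}
	fmt.Println(rejectEmptyDNSNames([]string{"example.com", ""}))
}
```

The guard fixes the crash, but the parse-time rejection is what keeps a malformed name from reaching any other code that assumes non-empty input.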
Diffstat (limited to 'src')
| mode | file | lines |
|---|---|---|
| -rw-r--r-- | src/crypto/x509/constraints.go | 2 |
| -rw-r--r-- | src/crypto/x509/name_constraints_test.go | 11 |
2 files changed, 12 insertions, 1 deletions
diff --git a/src/crypto/x509/constraints.go b/src/crypto/x509/constraints.go index 3c260a9b96..83bfbcb2ef 100644 --- a/src/crypto/x509/constraints.go +++ b/src/crypto/x509/constraints.go @@ -375,7 +375,7 @@ func (dnc *dnsConstraints) query(s string) (string, bool) { return constraint, true } - if !dnc.permitted && s[0] == '*' { + if !dnc.permitted && len(s) > 0 && s[0] == '*' { trimmed := trimFirstLabel(s) if constraint, found := dnc.parentConstraints[trimmed]; found { return constraint, true diff --git a/src/crypto/x509/name_constraints_test.go b/src/crypto/x509/name_constraints_test.go index b325c8edb9..3e205e5caf 100644 --- a/src/crypto/x509/name_constraints_test.go +++ b/src/crypto/x509/name_constraints_test.go @@ -1645,6 +1645,17 @@ var nameConstraintsTests = []nameConstraintsTest{ sans: []string{"email:a@ExAmple.com"}, }, }, + { + name: "excluded constraint, empty DNS san", + roots: []constraintsSpec{ + { + bad: []string{"dns:example.com"}, + }, + }, + leaf: leafSpec{ + sans: []string{"dns:"}, + }, + }, } func makeConstraintsCACert(constraints constraintsSpec, name string, key *ecdsa.PrivateKey, parent *Certificate, parentKey *ecdsa.PrivateKey) (*Certificate, error) { |
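Review bot: In the constraints.go hunk, the added `len(s) > 0 &&` before `s[0] == '*'` stops the index panic but lets an empty dNSName continue through the rest of `query` like any other name; as the commit message itself notes, rejecting empty dNSName SANs when the certificate is parsed would keep the malformed input out of the constraint code altogether rather than special-casing it in the excluded-wildcard branch. A smaller style point: `strings.HasPrefix(s, "*")` expresses the same condition without a manual length check, though the explicit form matches the surrounding code.

Review bot: The new entry in name_constraints_test.go only exercises the excluded-constraint path that panicked, and it records nothing about the expected outcome, so it documents "does not panic" but not whether a leaf with an empty dNSName should verify or be rejected. Given the commit message's reading of RFC 5280, consider a companion case under a permitted constraint and an explicit expected error once empty names are refused, so the intended behaviour is pinned down rather than just the absence of a crash.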
