FCL/sf/mw/vpnclient: comparison vpnengine/ikepolparser/src/ikepolparser.cpp

equal deleted inserted replaced

-:e06095241a65
+:735de8341ce4
 #include <e32std.h>
 #include <coeutils.h>
 #include "ikepolparser.h"
 //
 // EXPORTed functions
 //
 switch(aCA->iFormat)
 {
 case CA_NAME: //falls through
 case APPL_UID:
 {
-aCA->iData = GetRestOfLine();   //ASCII format CA name or Appl uid list
+TPtrC data = GetRestOfLine();
+if( KMaxX500DN < data.Length() )
+{
+return KSecParserErrCA;
+}
+aCA->iData = data;   //ASCII format CA name or Appl uid list
 // Check if data contains empty attributes
 if( KErrNotFound != aCA->iData.FindF(_L("=,")) || KErrNotFound != aCA->iData.FindF(_L("=\"\"")))
 {
 return KSecParserErrCA;
 }
 }
 break;
 case BIN_CERT:
-return ParseFileName(aCA->iData);
+{
-//No break needed
+return ParseFileName(aCA->iData);
+}
 default:
-aCA->iData = NextToken();       //PEM cert or  Key identifier
+TPtrC next = NextToken();
+if( KMaxX500DN < next.Length() )
+{
+return KSecParserErrCA;
+}
+aCA->iData = next;  // PEM cert or  Key identifier
 break;
 }
 return KErrNone;
 }
 }
 // new stuff // error codes?
 else if (token.CompareF(_L("SUBJECT_DN_SUFFIX:"))==0) //CompareF ignores case
 {
 nMandatoryFields++;
-own_cert->iSubjectDnSuffix = GetRestOfLine();
+TPtrC data = GetRestOfLine();
+if( KMaxX500DN < data.Length() )
+{
+return KSecParserErrOwnCerts;
+}
+own_cert->iSubjectDnSuffix = data;
 // Check if data contains empty attributes
 	if( KErrNotFound != own_cert->iSubjectDnSuffix.FindF(_L("=,")) ||
 	    KErrNotFound != own_cert->iSubjectDnSuffix.FindF(_L("=\"\"")))
 		{
 		return KSecParserErrOwnCerts;
 own_cert->iIdentityAsRfc822Name=EIdentityAsRfc822NameUndefined;
 }
 else if (token.CompareF(_L("RFC822NAME_FQDN:"))==0) //CompareF ignores case
 {
 nMandatoryFields++;
-own_cert->iRfc822NameFqdn = NextToken();
-}
+TPtrC next = NextToken();
-else if (token.CompareF(_L("PRIVATE_KEY_LENGTH:"))==0) //CompareF ignores case
+if( KMaxRfc822 < next.Length() )
+{
+return KSecParserErrOwnCerts;
+}
+own_cert->iRfc822NameFqdn = next;
+}
+// CompareF ignores case
+else if (token.CompareF(_L("PRIVATE_KEY_LENGTH:"))==0)
 {
 nMandatoryFields++;
 TLex sub_num = NextToken();
 if (sub_num.Val(own_cert->iPrivateKeyLength)!=KErrNone)
 err= KSecParserErrOwnCerts;
 }
 else
 {
-UnGetToMark(); // current token didn't belong to this section
+UnGetToMark();  // current token didn't belong to this section
 endOfSection=ETrue;
 }
 }
-if (nMandatoryFields<1) // Some mandatory fields are missing
+if (nMandatoryFields<1)  // Some mandatory fields are missing
 {
 err= KSecParserErrOwnCerts;
 }
 else
 {
-own_cert->iOwnCertExists = 1;                             // Write Own Certs
+own_cert->iOwnCertExists = 1;  // Write Own Certs
 }
 return err;
 }
 TInt TIkeParser::ParsePeerCerts(CIkeData* aConf)

branch	RCL_3
changeset 44	735de8341ce4
parent 41	e06095241a65
child 46	29c8f9bc68e1