Recently I found that the libwolfssl could not authenticate some ip address ssl certificates.A strange thing is that some URLs(like https://220.127.116.11/) can be authenticated successfully, but others cannot(like https://18.104.22.168/),and it just happen on my mt7621 router Xiaomi Redmi AC2100 but cannot be reproduced on ipq4019 router MobiPromo CM520-79F.
And then i dig deeper into the source code and found the bug.
In line 10097,macro XSNPRINTF would expand to snprintf,and altName->name[i] has a char type.
on different platforms,char is not alway unsigned,if altName->name[i] is signed char and is larger than 127,it will then be convert into unsigned int incorrectly and print the wrong string.
The problem seems be sloved in wolfssl v5.0 because i saw some changes of relevant code,but the wolfssl in openwrt 21.02 is still v4.8.1-stable.I think maybe we can either upgrade the package or add a path to exist code?
The text was updated successfully, but these errors were encountered: