Commit 06486c1281 for openssl.org

commit 06486c12818c74869bde18629930f9312d7d657b
Author: Bob Beck <beck@openssl.org>
Date:   Sat May 16 11:29:07 2026 -0600

    fix cmp mock server to not depend on NUL bytes in ASN1_STRING

    ASN1_STRING is documented that the behavior of NUL byte addition
    should not be depended upon.

    The mock server calls strcmp on the bare data from an ASN1_STRING.
    This only works if the data is NUL terminated.

    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
    MergeDate: Wed May 20 16:01:47 2026
    (Merged from https://github.com/openssl/openssl/pull/31202)

diff --git a/apps/lib/cmp_mock_srv.c b/apps/lib/cmp_mock_srv.c
index caae0ae3b8..43cf6af314 100644
--- a/apps/lib/cmp_mock_srv.c
+++ b/apps/lib/cmp_mock_srv.c
@@ -345,6 +345,7 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
             STACK_OF(ASN1_UTF8STRING) *strs;
             ASN1_UTF8STRING *str;
             const char *data;
+            int len;

             if (OBJ_obj2nid(obj) == NID_id_it_certProfile) {
                 if (!OSSL_CMP_ITAV_get0_certProfile(itav, &strs))
@@ -359,7 +360,8 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
                     ERR_raise(ERR_LIB_CMP, ERR_R_PASSED_INVALID_ARGUMENT);
                     return NULL;
                 }
-                if (strcmp(data, "profile1") != 0) {
+                if (((len = ASN1_STRING_length(str)) != (int)sizeof("profile1") - 1)
+                    || memcmp(data, "profile1", len) != 0) {
                     ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_CERTPROFILE);
                     return NULL;
                 }