x509: Manually print CRL/OCSP URIs when fuzzing

This avoids a warning about the custom %Y printf specifier.

configure.ac

@@ -1732,6 +1732,9 @@ fi
 if test x$ikev2 = xtrue; then
 	AC_DEFINE([USE_IKEV2], [], [support for IKEv2 protocol])
 fi
+if test x$fuzzing = xtrue; then
+	AC_DEFINE([USE_FUZZING], [], [build code for fuzzing])
+fi
 
 # ====================================================
 #  options for enabled modules (see conf/Makefile.am)

src/libstrongswan/plugins/x509/x509_cert.c

@@ -217,6 +217,29 @@ struct private_x509_cert_t {
 	refcount_t ref;
 };
 
+/**
+ * Convert a generalName to a string
+ */
+static bool gn_to_string(identification_t *id, char **uri)
+{
+	int len;
+
+#ifdef USE_FUZZING
+	chunk_t proper;
+	chunk_printable(id->get_encoding(id), &proper, '?');
+	len = asprintf(uri, "%.*s", (int)proper.len, proper.ptr);
+	chunk_free(&proper);
+#else
+	len = asprintf(uri, "%Y", id);
+#endif
+	if (!len)
+	{
+		free(*uri);
+		return FALSE;
+	}
+	return len > 0;
+}
+
 /**
  * Destroy a CertificateDistributionPoint
  */
@@ -649,7 +672,7 @@ static bool parse_authorityInfoAccess(chunk_t blob, int level0,
 							}
 							DBG2(DBG_ASN, "  '%Y'", id);
 							if (accessMethod == OID_OCSP &&
-								asprintf(&uri, "%Y", id) > 0)
+								gn_to_string(id, &uri))
 							{
 								this->ocsp_uris->insert_last(this->ocsp_uris, uri);
 							}
@@ -818,12 +841,10 @@ static void add_cdps(linked_list_t *list, linked_list_t *uris,
 	enumerator_t *enumerator;
 	x509_cdp_t *cdp;
 	char *uri;
-	int len;
 
 	while (uris->remove_last(uris, (void**)&id) == SUCCESS)
 	{
-		len = asprintf(&uri, "%Y", id);
-		if (len > 0)
+		if (gn_to_string(id, &uri))
 		{
 			if (issuers->get_count(issuers))
 			{
@@ -847,10 +868,6 @@ static void add_cdps(linked_list_t *list, linked_list_t *uris,
 				list->insert_last(list, cdp);
 			}
 		}
-		else if (!len)
-		{
-			free(uri);
-		}
 		id->destroy(id);
 	}
 	while (issuers->remove_last(issuers, (void**)&id) == SUCCESS)