From 0ece0f94f2656fd580de921dc1bfb8f83e11de0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 12 May 2015 12:43:54 +0200
Subject: [PATCH] Fix checks for nul-termination
---
 library/dhm.c | 2 +-
 library/pkparse.c | 10 +++++-----
 library/x509_crl.c | 2 +-
 library/x509_crt.c | 2 +-
 library/x509_csr.c | 2 +-
 5 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/library/dhm.c b/library/dhm.c
index 92fd6110f..f09592a92 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -422,7 +422,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
 mbedtls_pem_init( &pem );
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( dhmin[dhminlen - 1] != '\0' )
+ if( dhminlen == 0 || dhmin[dhminlen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
diff --git a/library/pkparse.c b/library/pkparse.c
index edf6e315b..8e1aa6ea8 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -1072,7 +1072,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
 #if defined(MBEDTLS_RSA_C)
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( key[keylen - 1] != '\0' )
+ if( keylen == 0 || key[keylen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
@@ -1105,7 +1105,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
 #if defined(MBEDTLS_ECP_C)
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( key[keylen - 1] != '\0' )
+ if( keylen == 0 || key[keylen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
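Review bot: The comment above the changed test in mbedtls_dhm_parse_dhm still describes only the missing terminator, while the new `dhminlen == 0 ||` clause is what keeps `dhmin[dhminlen - 1]` from reading outside an empty buffer; I would reword it to `/* Avoid calling mbedtls_pem_read_buffer() on an empty or non-null-terminated buffer */`. The same comment sits above the identical change in the pkparse.c, x509_crl.c and x509_csr.c hunks. An empty input is now reported as MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT, which presumably sends it on to the DER path; that code lies outside the hunk, so it is worth confirming that it rejects a zero-length buffer rather than reading from it. The diffstat lists only library/ files, so a zero-length regression test for each parser would be a useful follow-up.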
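Review bot: The `keylen == 0 ||` guard is repeated at four places in mbedtls_pk_parse_key (this hunk at -1072 and the ones at -1105, -1136 and -1159), so an empty key presumably still passes through every format attempt before it fails. Rejecting it once near the top of the function would be simpler and harder to miss when another key format is added, for example `if( keylen == 0 ) return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );`. The start of the function is outside these hunks, so check that no such early return already exists and that the error code suits the callers.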
@@ -1136,7 +1136,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
 #endif /* MBEDTLS_ECP_C */
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( key[keylen - 1] != '\0' )
+ if( keylen == 0 || key[keylen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
@@ -1159,7 +1159,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
 #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( key[keylen - 1] != '\0' )
+ if( keylen == 0 || key[keylen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
@@ -1257,7 +1257,7 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
 mbedtls_pem_init( &pem );
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( key[keylen - 1] != '\0' )
+ if( keylen == 0 || key[keylen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
diff --git a/library/x509_crl.c b/library/x509_crl.c
index fc4b2dfdf..e193919b3 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -505,7 +505,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
 mbedtls_pem_init( &pem );
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( buf[buflen - 1] != '\0' )
+ if( buflen == 0 || buf[buflen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 059b60f47..11eb7cf18 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -852,7 +852,7 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, s
 * one or more PEM certificates. */
 #if defined(MBEDTLS_PEM_PARSE_C)
- if( buf[buflen - 1] == '\0' &&
+ if( buflen != 0 && buf[buflen - 1] == '\0' &&
 strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
 {
 buf_format = MBEDTLS_X509_FORMAT_PEM;
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 5ec1b8694..ebf88974b 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -276,7 +276,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
 mbedtls_pem_init( &pem );
 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
- if( buf[buflen - 1] != '\0' )
+ if( buflen == 0 || buf[buflen - 1] != '\0' )
 ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
 else
 ret = mbedtls_pem_read_buffer( &pem,
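Review bot: Unlike the other call sites touched by this patch, the condition in mbedtls_x509_crt_parse carries no comment saying why the length and terminator tests must come before `strstr()`. I would add one above the `if`, such as `/* strstr() needs a terminated string: only scan a non-empty buffer that ends in '\0' */`, so the ordering is not undone in a later cleanup. With `buflen == 0` the buffer no longer takes the PEM branch and is presumably handled as DER; that branch is outside the hunk, so confirm it rejects an empty buffer.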