- Added input handling for x509parse_crt()
- Prevented memory leak by only adding new certificate if needed in x509parse_crt()
- Add certificate before parsing if chain is 'full' in x509parse_crt()
parent
ef75f25be7
commit
320a4b59a8
1 changed files with 38 additions and 13 deletions
|
@ -657,9 +657,32 @@ int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen )
|
||||||
|
|
||||||
crt = chain;
|
crt = chain;
|
||||||
|
|
||||||
while( crt->version != 0 )
|
/*
|
||||||
|
* Check for valid input
|
||||||
|
*/
|
||||||
|
if( crt == NULL || buf == NULL )
|
||||||
|
return( 1 );
|
||||||
|
|
||||||
|
while( crt->version != 0 || crt->next != NULL )
|
||||||
crt = crt->next;
|
crt = crt->next;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Add new certificate on the end of the chain if needed.
|
||||||
|
*/
|
||||||
|
if ( crt->next == NULL)
|
||||||
|
{
|
||||||
|
crt->next = (x509_cert *) malloc( sizeof( x509_cert ) );
|
||||||
|
|
||||||
|
if( crt->next == NULL )
|
||||||
|
{
|
||||||
|
x509_free( crt );
|
||||||
|
return( 1 );
|
||||||
|
}
|
||||||
|
|
||||||
|
crt = crt->next;
|
||||||
|
memset( crt, 0, sizeof( x509_cert ) );
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* check if the certificate is encoded in base64
|
* check if the certificate is encoded in base64
|
||||||
*/
|
*/
|
||||||
|
@ -942,7 +965,7 @@ int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( memcmp( crt->sig_oid1.p, crt->sig_oid2.p, 9 ) != 0 )
|
if( memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 )
|
||||||
{
|
{
|
||||||
x509_free( crt );
|
x509_free( crt );
|
||||||
return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
|
return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
|
||||||
|
@ -961,6 +984,8 @@ int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen )
|
||||||
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( buflen > 0 )
|
||||||
|
{
|
||||||
crt->next = (x509_cert *) malloc( sizeof( x509_cert ) );
|
crt->next = (x509_cert *) malloc( sizeof( x509_cert ) );
|
||||||
|
|
||||||
if( crt->next == NULL )
|
if( crt->next == NULL )
|
||||||
|
@ -972,8 +997,8 @@ int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen )
|
||||||
crt = crt->next;
|
crt = crt->next;
|
||||||
memset( crt, 0, sizeof( x509_cert ) );
|
memset( crt, 0, sizeof( x509_cert ) );
|
||||||
|
|
||||||
if( buflen > 0 )
|
|
||||||
return( x509parse_crt( crt, buf, buflen ) );
|
return( x509parse_crt( crt, buf, buflen ) );
|
||||||
|
}
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
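Review bot: In the first hunk the new walk `while( crt->version != 0 || crt->next != NULL ) crt = crt->next;` steps past the tail whenever the last certificate is populated (version != 0, next == NULL), so `crt` becomes NULL and the next evaluation of `crt->version` dereferences it. The loop can only exit on an empty tail node, and the following `if ( crt->next == NULL)` then allocates a second node behind it, leaving the empty entry in the chain instead of filling it. The conditions look inverted for the stated intent; `while( crt->version != 0 && crt->next != NULL )` followed by `if( crt->version != 0 && crt->next == NULL )` would stop at the tail and append only when that tail is already in use. Separately, in the hunk at -942 the `memcmp` now uses `crt->sig_oid1.len` without first checking that `crt->sig_oid2.len` is equal, so signature OIDs of different lengths are compared over the wrong number of bytes; putting `crt->sig_oid1.len != crt->sig_oid2.len ||` in front of the `memcmp` would reject them outright. The body of x509parse_crt starts before the first hunk, so how callers initialise `chain` is not visible here.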