Avoid use of large stack buffers in mbedtls_x509_write_crt_pem()
This commit rewrites mbedtls_x509write_crt_pem() to not use a statically size stack buffer to temporarily store the DER encoded form of the certificate to be written. This is not necessary because the DER-to-PEM conversion accepts overlapping input and output buffers.
This commit is contained in:
parent
4063ad22b3
commit
67d42597a9
1 changed files with 4 additions and 5 deletions
|
@ -527,18 +527,17 @@ int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt,
|
|||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
unsigned char output_buf[4096];
|
||||
size_t olen = 0;
|
||||
size_t olen;
|
||||
|
||||
if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf),
|
||||
if( ( ret = mbedtls_x509write_crt_der( crt, buf, size,
|
||||
f_rng, p_rng ) ) < 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
|
||||
output_buf + sizeof(output_buf) - ret,
|
||||
ret, buf, size, &olen ) ) != 0 )
|
||||
buf + size - ret, ret,
|
||||
buf, size, &olen ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue