From 6c379b4b8091ede8d28becc6bf36c7a7c59c3b37 Mon Sep 17 00:00:00 2001
From: Janos Follath
Date: Fri, 10 May 2019 14:17:16 +0100
Subject: [PATCH] Propogate error when parsing SubjectAltNames

The previous behaviour of mbedtls_x509_parse_subject_alternative_name() was to silently ignore errors coming from x509_get_other_name(). The current commit fixes it and returns with an error.
---
 library/x509_crt.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index a01b53c3c..047e4e6e2 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1823,8 +1823,9 @@ int mbedtls_x509_parse_subject_alternative_name( const mbedtls_x509_crt *crt,
 * In case MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned,
 * then the "otherName" is of an unsupported type. Ignore.
 */
- if( ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
- ret = 0;
+ if( ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
+ return MBEDTLS_ERR_X509_INVALID_FORMAT;
+
 cur = cur->next;
 continue;
 }
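Review bot: On the path that is still meant to be ignored, `ret` is no longer cleared: with `ret = 0;` removed, it still holds MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE when `continue` is reached. The loop and the function's final return lie outside this hunk, so this is inferred, but if the function returns `ret` after the loop, a certificate whose last SubjectAltName entry is an unsupported otherName would be rejected instead of skipped. Adding `ret = 0;` just before `cur = cur->next;` keeps the previous behaviour for that case. Separately, the new return replaces whatever x509_get_other_name() reported with MBEDTLS_ERR_X509_INVALID_FORMAT; if callers or logs need to tell a malformed entry from another failure, `return( ret );` would preserve the cause. The comment above the check should also state that any error other than FEATURE_UNAVAILABLE now aborts parsing.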