Merge pull request #8351 from waleed-elmelegy-arm/fix-null-dereference-in-x509-cert-req

Fix possible NULL dereference issue in X509 cert_req program
This commit is contained in:
Paul Elliott 2023-10-18 09:01:31 +00:00 committed by GitHub
commit d44ee9e6d1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 0 deletions

View file

@ -0,0 +1,3 @@
Bugfix
* Fix possible NULL dereference issue in X509 cert_req program if an entry
in the san parameter is not separated by a colon.

View file

@ -261,6 +261,10 @@ usage:
if ((subtype_value = strchr(q, ':')) != NULL) {
*subtype_value++ = '\0';
} else {
mbedtls_printf(
"Invalid argument for option SAN: Entry must be of the form TYPE:value\n");
goto usage;
}
if (strcmp(q, "RFC822") == 0) {
cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME;