diff --git a/library/x509_crt.c b/library/x509_crt.c
index 0eee97cb66..289f0c5efd 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -645,8 +645,6 @@ static int x509_get_subject_alt_name( unsigned char **p,
 {
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 size_t len, tag_len;
- mbedtls_asn1_buf *buf;
- unsigned char tag;
 mbedtls_asn1_sequence *cur = subject_alt_name;
 /* Get main sequence tag */
@@ -661,14 +659,19 @@ static int x509_get_subject_alt_name( unsigned char **p,
 while( *p < end )
 {
 mbedtls_x509_subject_alternative_name dummy_san_buf;
+ mbedtls_x509_buf tmp_san_buf;
 memset( &dummy_san_buf, 0, sizeof( dummy_san_buf ) );
- tag = **p;
+ tmp_san_buf.tag = **p;
 (*p)++;
+
 if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 )
 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
- if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) !=
+ tmp_san_buf.p = *p;
+ tmp_san_buf.len = tag_len;
+
+ if( ( tmp_san_buf.tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) !=
 MBEDTLS_ASN1_CONTEXT_SPECIFIC )
 {
 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
@@ -678,7 +681,7 @@ static int x509_get_subject_alt_name( unsigned char **p,
 /*
 * Check that the SAN is structured correctly.
 */
- ret = mbedtls_x509_parse_subject_alt_name( &(cur->buf), &dummy_san_buf );
+ ret = mbedtls_x509_parse_subject_alt_name( &tmp_san_buf, &dummy_san_buf );
 /*
 * In case the extension is malformed, return an error,
 * and clear the allocated sequences.
@@ -705,11 +708,8 @@ static int x509_get_subject_alt_name( unsigned char **p,
 cur = cur->next;
 }
- buf = &(cur->buf);
- buf->tag = tag;
- buf->p = *p;
- buf->len = tag_len;
- *p += buf->len;
+ cur->buf = tmp_san_buf;
+ *p += tmp_san_buf.len;
 }
 /* Set final sequence entry's next pointer to NULL */
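Review bot: `tmp_san_buf` is declared without an initializer in the second hunk, while `dummy_san_buf` on the line before it is zeroed with `memset`. Every field (`tag`, `p`, `len`) is assigned before the parse call in the visible lines, so nothing is read uninitialized today. The struct is later copied whole into `cur->buf` (fourth hunk), though, and would carry stack garbage into the certificate structure if `mbedtls_x509_buf` ever gained a field. I would zero it the same way: `memset( &tmp_san_buf, 0, sizeof( tmp_san_buf ) );`. The loop body continues outside this hunk.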
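Review bot: The comment above the parse call in the third hunk does not say which buffer is validated, and that is what the removed line got wrong: it passed `&(cur->buf)`, which the fourth hunk suggests was only filled in after this check. I would extend the comment, e.g. `* Validate the entry just read (tmp_san_buf); cur->buf is assigned only after this succeeds.`, so the validate-before-store order is not undone by a later refactor. No test file appears in this diff; a regression case with a malformed SAN entry, both as the first and as a later entry, would pin the behaviour. The comment block and the error handling after it continue outside the hunk.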
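Review bot: `*p += tmp_san_buf.len;` in the fourth hunk advances the cursor with no local comparison against `end`. It stays in bounds only because `mbedtls_asn1_get_len()` in the second hunk is expected to reject a length larger than the remaining input. A one-line comment would keep that dependency visible: `/* len was bounded to end - *p by mbedtls_asn1_get_len() */`. The stored `cur->buf.p` also points into the buffer being parsed rather than a copy, so its lifetime is tied to that buffer, which is worth a word in the same comment.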