From 1421efa25e34f39d3acf1e9e16bec228a1440442 Mon Sep 17 00:00:00 2001
From: Werner Lewis
Date: Mon, 27 Jun 2022 12:01:22 +0100
Subject: [PATCH] Fix case where final special char exceeds buffer
Signed-off-by: Werner Lewis
---
 library/x509.c | 2 +-
 tests/suites/test_suite_x509parse.data | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/library/x509.c b/library/x509.c
index c55d0387b6..3997ebd1f3 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -785,7 +785,7 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
 if( c && strchr( ",=+<>#;\"\\", c ) )
 {
 if( j + 1 >= sizeof( s ) - 1 )
- continue;
+ return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
 s[j++] = '\\';
 }
 if( c < 32 || c >= 127 )
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 0671606c74..066d6e49f5 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
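Review bot: The new `return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );` in the escaping branch of library/x509.c fires when the internal scratch array `s` is full (the guard compares against `sizeof( s )`), not when the caller's `buf`/`size` is too small. A caller that reacts to this error code by retrying with a larger buffer would presumably get the same result, so the branch deserves a comment such as `/* s is a fixed-size scratch buffer: fail rather than emit a DN with an escaped character silently dropped */`. The return also exits mid-loop, and the body of mbedtls_x509_dn_gets starts and ends outside this hunk, so it cannot be seen here whether `buf` already holds partial output at that point. The function documentation should say that `buf` must not be used for name comparison or logging when a negative value is returned.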
@@ -423,6 +423,10 @@ X509 Get Modified DN #4 Name exactly 255 bytes, with comma requiring escaping
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"1234567890,1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL
 
+X509 Get Modified DN #5 Name exactly 255 bytes, ending with comma requiring escaping
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
+mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234,":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL
+
 X509 Time Expired #1
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C
 mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1