From c34804dea2afd10c6dba10e349caefbdf7e0b0e1 Mon Sep 17 00:00:00 2001
From: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
Date: Fri, 8 Sep 2023 11:32:19 +0100
Subject: [PATCH] Fix bug with checking max dn length with hexpairs

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
---
 library/x509_create.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/library/x509_create.c b/library/x509_create.c
index 6ef33b0336..cb9fd69967 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -168,13 +168,16 @@ static int parse_attribute_value_string(const char *s,
                 }
                 *(d++) = n;
                 c++;
-                continue;
-            } else if (c == end || !strchr(" ,=+<>#;\"\\", *c)) {
+            } else if (c < end && strchr(" ,=+<>#;\"\\", *c)) {
+                *(d++) = *c;
+            } else {
                 return MBEDTLS_ERR_X509_INVALID_NAME;
             }
         }
+        else {
+            *(d++) = *c;
+        }
 
-        *(d++) = *c;
 
         if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) {
             return MBEDTLS_ERR_X509_INVALID_NAME;