From c448c94fe3253ca8a2c2951b3ce1ecb03053c351 Mon Sep 17 00:00:00 2001
From: Nick Child <nick.child@ibm.com>
Date: Thu, 1 Jul 2021 15:29:50 -0400
Subject: [PATCH] pkcs7: pkcs7_get_content_info_type should reset *p on error

The function `pkcs7_asn1_get_tag` should return an update pointer only
on success. Currently, the pointer is being updated on a failure case.
This commit resets *p to start if the first call to
mbedtls_asn1_get_tag fails.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Nick Child <nick.child@ibm.com>
---
 library/pkcs7.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/pkcs7.c b/library/pkcs7.c
index 5563f330ee..8c2a3ecaf3 100644
--- a/library/pkcs7.c
+++ b/library/pkcs7.c
@@ -107,8 +107,10 @@ static int pkcs7_get_content_info_type( unsigned char **p, unsigned char *end,
 
     ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
                                             | MBEDTLS_ASN1_SEQUENCE );
-    if( ret != 0 )
+    if( ret != 0 ) {
+        *p = start;
         return( MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO + ret );
+    }
 
     ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_OID );
     if( ret != 0 ) {