lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-03 13:22:02 +03:00
Code

Merge pull request from waleed-elmelegy-arm/fix-null-dereference-in-x509-cert-req

Browse Source 
Fix possible NULL dereference issue in X509 cert_req program
This commit is contained in:
Paul Elliott 2023-10-18 09:01:31 +00:00 committed by GitHub
commit d44ee9e6d1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 0 deletions

3
ChangeLog.d/fix-issue-x509-cert_req.txt Normal file

@ -0,0 +1,3 @@
Bugfix
* Fix possible NULL dereference issue in X509 cert_req program if an entry
in the san parameter is not separated by a colon.

4
programs/x509/cert_req.c

@ -261,6 +261,10 @@ usage:
if ((subtype_value = strchr(q, ':')) != NULL) { if ((subtype_value = strchr(q, ':')) != NULL) {
*subtype_value++ = '\0'; *subtype_value++ = '\0';
} else {
mbedtls_printf(
"Invalid argument for option SAN: Entry must be of the form TYPE:value\n");
goto usage;
} }
if (strcmp(q, "RFC822") == 0) { if (strcmp(q, "RFC822") == 0) {
cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME;