1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-18 05:01:50 +03:00

Merge pull request from waleed-elmelegy-arm/fix-null-dereference-in-x509-cert-req

Fix possible NULL dereference issue in X509 cert_req program
This commit is contained in:
Paul Elliott
2023-10-18 09:01:31 +00:00
committed by GitHub
2 changed files with 7 additions and 0 deletions

@ -0,0 +1,3 @@
Bugfix
* Fix possible NULL dereference issue in X509 cert_req program if an entry
in the san parameter is not separated by a colon.

@ -261,6 +261,10 @@ usage:
if ((subtype_value = strchr(q, ':')) != NULL) { if ((subtype_value = strchr(q, ':')) != NULL) {
*subtype_value++ = '\0'; *subtype_value++ = '\0';
} else {
mbedtls_printf(
"Invalid argument for option SAN: Entry must be of the form TYPE:value\n");
goto usage;
} }
if (strcmp(q, "RFC822") == 0) { if (strcmp(q, "RFC822") == 0) {
cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME;