From 7b8e11e724edd83687fdd97954f929fbcb9c309f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 3 May 2019 12:37:12 +0100 Subject: [PATCH] Avoid allocating empty buffers when handling length-0 CRTs --- library/x509_crt.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/x509_crt.c b/library/x509_crt.c index 75ea5e604..5834a4ce9 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1445,7 +1445,11 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, } else { - crt->raw.p = mbedtls_calloc( 1, buflen ); + /* Call mbedtls_calloc with buflen + 1 in order to avoid potential + * return of NULL in case of length 0 certificates, which we want + * to cleanly fail with MBEDTLS_ERR_X509_INVALID_FORMAT in the + * core parsing routine, but not here. */ + crt->raw.p = mbedtls_calloc( 1, buflen + 1 ); if( crt->raw.p == NULL ) return( MBEDTLS_ERR_X509_ALLOC_FAILED ); crt->raw.len = buflen;