feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Adding check for invalid SAN ext with no entries

Browse Source
This commit is contained in:
Eric Blankenhorn
2020-04-09 16:49:52 -05:00
parent 2bf9dc4037
commit 7d82c4e3f2
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/asn.c
View File

@ -7635,6 +7635,13 @@ static int DecodeAltNames(const byte* input, int sz, DecodedCert* cert)
return ASN_PARSE_E; return ASN_PARSE_E;
} }
if (length == 0) {
/* RFC 5280 4.2.1.6. Subject Alternative Name
If the subjectAltName extension is present, the sequence MUST
contain at least one entry. */
return ASN_PARSE_E;
}
cert->weOwnAltNames = 1; cert->weOwnAltNames = 1;
while (length > 0) { while (length > 0) {