Fix for PemToDer which was not properly handling extra new lines at end of file.

2025-07-30 18:57:27 +02:00 · 2018-08-08 12:34:33 -07:00
parent eca64717be
commit 7b83db0f65
2 changed files with 12 additions and 17 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -4508,10 +4508,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,

    /* process user chain */
    if (ret >= 0) {
-        /* First certificate in chain is loaded into ssl->buffers.certificate.
-         * Remainder are loaded into ssl->buffers.certChain.
-         * Chain should have server cert first, then intermediates, then root.
-         */
+        /* Chain should have server cert first, then intermediates, then root.
+         * First certificate in chain is processed below after ProcessUserChain
+         *   and is loaded into ssl->buffers.certificate.
+         * Remainder are processed using ProcessUserChain and are loaded into
+         *   ssl->buffers.certChain. */
        if (userChain) {
            ret = ProcessUserChain(ctx, buff, sz, format, type, ssl, used, info);
        }
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -8096,15 +8096,9 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
    consumedEnd = footerEnd + XSTRLEN(footer);

    if (consumedEnd < bufferEnd) {  /* handle no end of line on last line */
-        /* eat end of line */
-        if (consumedEnd[0] == '\n')
+        /* eat new line characters */
+        while (consumedEnd < bufferEnd && consumedEnd[0] == '\n') {
            consumedEnd++;
-        else if ((consumedEnd + 1 < bufferEnd) && consumedEnd[1] == '\n')
-            consumedEnd += 2;
-        else {
-            if (info)
-                info->consumed = (long)(consumedEnd+2 - (char*)buff);
-            return BUFFER_E;
        }
    }