Propogate error when parsing SubjectAltNames The previous behaviour of mbedtls_x509_parse_subject_alternative_name() was to silently ignore errors coming from x509_get_other_name(). The current commit fixes it and returns with an error.

commit: 6c379b4b8091ede8d28becc6bf36c7a7c59c3b37 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Fri May 10 14:17:16 2019 +0100
committer: Janos Follath <janos.follath@arm.com> Fri May 10 14:17:16 2019 +0100
tree: 56df8d4122d8c3c56b8e311ba8376b5d5ae359dc
parent: 2f0ec1e3bf4a02d64251826231284044972f7f4f [diff] [blame]
diff --git a/library/x509_crt.c b/library/x509_crt.c
index a01b53c..047e4e6 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -1823,8 +1823,9 @@
                          * In case MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned,
                          * then the "otherName" is of an unsupported type. Ignore.
                          */
-                        if( ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
-                            ret = 0;
+                        if( ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE )
+                            return MBEDTLS_ERR_X509_INVALID_FORMAT;
+
                         cur = cur->next;
                         continue;
                     }
commit	6c379b4b8091ede8d28becc6bf36c7a7c59c3b37	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Fri May 10 14:17:16 2019 +0100
committer	Janos Follath <janos.follath@arm.com>	Fri May 10 14:17:16 2019 +0100
tree	56df8d4122d8c3c56b8e311ba8376b5d5ae359dc
parent	2f0ec1e3bf4a02d64251826231284044972f7f4f [diff] [blame]