commit 6417186365f4a73a719fff754fefe8edcef2bc28
author Paul Bakker <p.j.bakker@polarssl.org> Thu Jun 06 15:01:18 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Thu Jun 06 15:01:18 2013 +0200
tree 0f46b2b0cf5930ab099f7b46163b8712894fca64
parent 9255e8300e550b548b54603c77585921f442e391

x509parse_crt() now better handles PEM error situations

Because of new pem_read_buffer() handling of when it writes use_len,
x509parse_crt() is able to better handle situations where a PEM blob
results in an error but the other blobs can still be parsed.

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 53a6095..59be48b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,7 @@
      supports secure renegotiation
    * Fixed offset for cert_type list in ssl_parse_certificate_request()
    * Fixed const correctness issues that have no impact on the ABI
+   * x509parse_crt() now better handles PEM error situations
 
 = Version 1.2.7 released 2013-04-13
 Features

library/x509parse.c

diff --git a/library/x509parse.c b/library/x509parse.c
index 2541eec..35f2729 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -1463,10 +1463,20 @@
                 buflen -= use_len;
                 buf += use_len;
             }
+            else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
+            {
+                return( ret );
+            }
             else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
             {
                 pem_free( &pem );
 
+                /*
+                 * PEM header and footer were found
+                 */
+                buflen -= use_len;
+                buf += use_len;
+
                 if( first_error == 0 )
                     first_error = ret;