Disallow leading zeroes when parsing IPv4 addresses
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 874d8f6..61929be 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2667,7 +2667,6 @@
static int x509_inet_pton_ipv4(const char *src, void *dst)
{
- /* note: allows leading 0's, e.g. 000.000.000.000 */
const unsigned char *p = (const unsigned char *) src;
uint8_t *res = (uint8_t *) dst;
uint8_t digit, num_digits = 0;
@@ -2681,6 +2680,13 @@
if (digit > 9) {
break;
}
+
+ /* Don't allow leading zeroes. These might mean octal format,
+ * which this implementation does not support. */
+ if (octet == 0 && num_digits > 0) {
+ break;
+ }
+
octet = octet * 10 + digit;
num_digits++;
p++;
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index a6b001f..251cb0f 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -1046,6 +1046,12 @@
X509 CRT parse CN: IPv4 valid address
x509_crt_parse_cn_inet_pton:"10.10.10.10":"0A0A0A0A":4
+X509 CRT parse CN: IPv4 leading zeroes #1
+x509_crt_parse_cn_inet_pton:"010.10.10.10":"":0
+
+X509 CRT parse CN: IPv4 leading zeroes #2
+x509_crt_parse_cn_inet_pton:"10.10.10.001":"":0
+
X509 CRT parse CN: IPv4 excess 0s
x509_crt_parse_cn_inet_pton:"10.0000.10.10":"":0