Reject escaped null hexpairs in DNs Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>

commit: 9caaa6d967cb5a2ae4dac243ee3e3c0a30ed16f8 [log] [tgz]
author: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com> Mon Aug 14 15:38:39 2023 +0100
committer: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com> Tue Aug 22 10:39:56 2023 +0100
tree: 679b7c34eaa3ba0216b812db9c8b09926f6ca360
parent: 01e9392c3f28f3055e45a07f9f7c322283388d9f [diff] [blame]
diff --git a/library/x509_create.c b/library/x509_create.c
index 6ce15f9..500f213 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c

@@ -187,6 +187,9 @@
 
             /* Check for valid escaped characters in RFC 4514 in Section 3*/
             if (c + 1 < end && (n = hexpair_to_int(*c, *(c+1))) != -1) {
+                if(n == 0) {
+                    return MBEDTLS_ERR_X509_INVALID_NAME;
+                }
                 hexpair = 1;
                 *(d++) = n;
                 c++;
commit	9caaa6d967cb5a2ae4dac243ee3e3c0a30ed16f8	[log] [tgz]
author	Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	Mon Aug 14 15:38:39 2023 +0100
committer	Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	Tue Aug 22 10:39:56 2023 +0100
tree	679b7c34eaa3ba0216b812db9c8b09926f6ca360
parent	01e9392c3f28f3055e45a07f9f7c322283388d9f [diff] [blame]