x509write_crt: reject serial longer than X509_RFC5280_MAX_SERIAL_LEN Signed-off-by: Valerio Setti <vsetti@baylibre.com>

commit: b37f6c1b95815d39fea26b2a17e318602eefe709 [log] [tgz]
author: Valerio Setti <vsetti@baylibre.com> Fri Jan 13 08:39:36 2023 +0100
committer: Valerio Setti <vsetti@baylibre.com> Fri Jan 13 08:39:36 2023 +0100
tree: 29107be6ef6b269ae203631a6bd48dc99a808830
parent: 160df1d13621ca3ee70e1fa19d0da88398da9683 [diff] [blame]
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 4a65939..a8f4c28 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c

@@ -100,6 +100,10 @@
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
+    if (mbedtls_mpi_size(serial) > MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN) {
+        return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+    }
+
     if ((ret = mbedtls_mpi_copy(&ctx->serial, serial)) != 0) {
         return ret;
     }
commit	b37f6c1b95815d39fea26b2a17e318602eefe709	[log] [tgz]
author	Valerio Setti <vsetti@baylibre.com>	Fri Jan 13 08:39:36 2023 +0100
committer	Valerio Setti <vsetti@baylibre.com>	Fri Jan 13 08:39:36 2023 +0100
tree	29107be6ef6b269ae203631a6bd48dc99a808830
parent	160df1d13621ca3ee70e1fa19d0da88398da9683 [diff] [blame]