Manuel Pégourié-Gonnard | 5f6310b | 2025-05-26 12:38:52 +0200 | [diff] [blame] | 1 | Security |
Manuel Pégourié-Gonnard | dc82fa6 | 2025-05-28 13:10:44 +0200 | [diff] [blame^] | 2 | * Fix a bug in mbedtls_x509_string_to_names() and the |
| 3 | mbedtls_x509write_{crt,csr}_set_{subject,issuer}_name() functions, |
| 4 | where some inputs would cause an inconsistent state to be reached, causing |
| 5 | a NULL dereference either in the function itself, or in subsequent |
Manuel Pégourié-Gonnard | 5f6310b | 2025-05-26 12:38:52 +0200 | [diff] [blame] | 6 | users of the output structure, such as mbedtls_x509_write_names(). This |
| 7 | only affects applications that create (as opposed to consume) X.509 |
Manuel Pégourié-Gonnard | dc82fa6 | 2025-05-28 13:10:44 +0200 | [diff] [blame^] | 8 | certificates, CSRs or CRLs. Found by Linh Le and Ngan Nguyen from Calif. |