From 022f86f108890c14f2cb7e821a1bcdcec29f7f13 Mon Sep 17 00:00:00 2001
From: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
Date: Tue, 22 Aug 2023 16:56:04 +0100
Subject: [PATCH] Prevent output of escaped null characters dn gets

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
---
 library/x509.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/library/x509.c b/library/x509.c
index f574055e1..42839e8f8 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -919,7 +919,10 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn)
 
                 c = name->val.p[i];
                 // Special characters requiring escaping, RFC 4514 Section 2.4
-                if (c) {
+                if (c == '\0') {
+                    return MBEDTLS_ERR_X509_INVALID_NAME;
+                }
+                else {
                     if (strchr(",=+<>;\"\\", c) ||
                         ((i == 0) && strchr("# ", c)) ||
                         ((i == name->val.len-1) && (c == ' '))) {