Fix CRL parsing to avoid infinite loop

This patch modifies the function mbedtls_x509_crl_parse() to ensure that a CRL in PEM format with trailing characters after the footer does not result in the execution of an infinite loop.
2016-12-08 17:08:44 +00:00 · 2016-12-08 17:08:44 +00:00 · 7cd7cf0ebe
commit 7cd7cf0ebe
parent 41ce6e6076
2 changed files with 10 additions and 1 deletions
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@ -529,7 +529,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s

            mbedtls_pem_free( &pem );
        }
-        else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+        else if( is_pem )
        {
            mbedtls_pem_free( &pem );
            return( ret );