From ac97af223eda0358413dee5349d6912d82d891f8 Mon Sep 17 00:00:00 2001
From: Waleed Elmelegy <waleed.elmelegy@arm.com>
Date: Thu, 12 Oct 2023 15:46:06 +0100
Subject: [PATCH] Fix possible NULL dereference issue in X509 cert_req program

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
---
 programs/x509/cert_req.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 558d8cc73..bc4eb80d5 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -261,6 +261,9 @@ usage:
 
                 if ((subtype_value = strchr(q, ':')) != NULL) {
                     *subtype_value++ = '\0';
+                } else {
+                    mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n");
+                    goto usage;
                 }
                 if (strcmp(q, "RFC822") == 0) {
                     cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME;