diff --git a/ChangeLog b/ChangeLog
index 4fbd4b664..993bbea19 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -39,6 +39,7 @@ Bugfix
 #52)
 * Handle encryption with private key and decryption with public key as per
 RFC 2313
+ * Handle empty certificate subject names

 Security
 * Fixed potential memory corruption on miscrafted client messages (found by
diff --git a/library/x509parse.c b/library/x509parse.c
index 883ea251e..a43c6d4e3 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -1263,7 +1263,7 @@ int x509parse_crt_der( x509_cert *crt, const unsigned char *buf, size_t buflen )
 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
 }

- if( ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
+ if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
 {
 x509_free( crt );
 return( ret );
@@ -2518,6 +2518,12 @@ int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )

 while( name != NULL )
 {
+ if( !name->oid.p )
+ {
+ name = name->next;
+ continue;
+ }
+
 if( name != dn )
 {
 ret = snprintf( p, n, ", " );
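Review bot: In x509parse_crt_der the new `len &&` guard skips x509_get_name for an empty subject and leaves `crt->subject` exactly as it was before the call, so the NULL `oid.p` test this commit adds to x509parse_dn_gets only works if the structure was zeroed earlier in the function, which is outside the hunk. RFC 5280 section 4.1.2.6 permits an empty subject only when a critical subjectAltName is present, and nothing in the visible lines enforces that, so a certificate carrying no identity at all may now parse successfully. I would document the invariant at the guard, `/* empty subject: crt->subject stays zeroed (oid.p == NULL); identity must come from subjectAltName */`, and consider rejecting the certificate after extension parsing when neither a subject nor a subjectAltName was found, if the parser records one. Writing the test as `len != 0` would also match the explicit `!= 0` comparison used in the rest of the condition.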
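Review bot: When every entry is skipped by the new `!name->oid.p` test, x509parse_dn_gets writes nothing through `p`, so a caller that treats `buf` as a string afterwards reads whatever was there before unless `buf` is terminated ahead of the loop, which lies outside this hunk. If it is not, adding `if( size > 0 ) buf[0] = '\0';` before the `while` closes that gap. The separator test `name != dn` also assumes the head entry is always printed; if the head is the skipped entry and further entries follow, the output would start with ", ". That is probably unreachable for a zeroed empty subject, but a comment on the skip such as `/* empty subject: single zeroed entry, nothing to print */` would record the assumption.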