Deref pointer when using sizeof in x509_get_other_name
Fix for #2716.
diff --git a/ChangeLog b/ChangeLog
index a461008..23b62b4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -74,6 +74,7 @@
irwir.
* Enable Suite B with subset of ECP curves. Make sure the code compiles even
if some curves are not defined. Fixes #1591 reported by dbedev.
+ * Fix partial zeroing in x509_get_other_name. Found and fixed by ekse, #2716.
API Changes
* Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
diff --git a/library/x509_crt.c b/library/x509_crt.c
index d101bc7..b2c19db 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1687,7 +1687,7 @@
if( p + len >= end )
{
- mbedtls_platform_zeroize( other_name, sizeof( other_name ) );
+ mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
@@ -1709,7 +1709,7 @@
if( p + len >= end )
{
- mbedtls_platform_zeroize( other_name, sizeof( other_name ) );
+ mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
@@ -1725,7 +1725,7 @@
if( p != end )
{
mbedtls_platform_zeroize( other_name,
- sizeof( other_name ) );
+ sizeof( *other_name ) );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
