From fbe751f532f8bb43fc2149c989c177e26180c321 Mon Sep 17 00:00:00 2001
From: Andres Amaya Garcia <Andres.AmayaGarcia@arm.com>
Date: Wed, 15 Nov 2017 11:09:04 +0000
Subject: [PATCH] Ensure that x509_ocsp_is_issuer sets issuer var

Ensure that the internal function x509_ocsp_is_issuer() sets the in/out
issuer pointer to NULL when the supplied certificate is not the issuer
of the OCSP response.
---
 library/x509_ocsp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/x509_ocsp.c b/library/x509_ocsp.c
index dfa561a438..8559082cad 100644
--- a/library/x509_ocsp.c
+++ b/library/x509_ocsp.c
@@ -1226,6 +1226,8 @@ static int x509_ocsp_is_issuer( mbedtls_x509_ocsp_responder_id *responder_id,
 {
     int ret;
 
+    *issuer = NULL;
+
     switch( responder_id->type )
     {
         case MBEDTLS_X509_OCSP_RESPONDER_ID_TYPE_NAME:
@@ -1246,8 +1248,6 @@ static int x509_ocsp_is_issuer( mbedtls_x509_ocsp_responder_id *responder_id,
                 return( ret );
             else if( ret == 0 )
                 *issuer = crt;
-            else
-                *issuer = NULL;
 
             return( 0 );