TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-03 02:56:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1487 from davidhorstmann-arm/fix-null-pointer-dereference

Browse Source 
Fix null pointer dereference in `mbedtls_x509_string_to_names()`
This commit is contained in:
Manuel Pégourié-Gonnard
2026-03-09 12:43:08 +01:00
committed by GitHub
parent b6c3aa7f31 2acb9a2e7b
commit fe2599ea82
2 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog.d/fix-null-pointer-dereference.txt Normal file
View File

@@ -0,0 +1,4 @@
Security
* Fix a NULL pointer dereference in mbedtls_x509_string_to_names() when
mbedtls_calloc() fails to allocate memory. This was caused by failing to
check whether mbedtls_calloc() returned NULL.

3
library/x509_create.c
View File

@@ -487,6 +487,9 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam
} else {
oid.len = strlen(attr_descr->oid);
oid.p = mbedtls_calloc(1, oid.len);
if (oid.p == NULL) {
return MBEDTLS_ERR_X509_ALLOC_FAILED;
}
memcpy(oid.p, attr_descr->oid, oid.len);
numericoid = 0;
}