X.509: Fix v3 parsing with issuerUniqueID/subjectUniqueID present

The current position pointer was not updated when issuerUniqueID or
subjectUniqueID were present. This could result in extensions being
ignored.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c
index 06540bffd61eca0bdde58798348c2f2366fc4e81..a9483cb7fc2f1575b23984b799e34b62459c250e 100644 (file)
--- a/src/tls/x509v3.c
+++ b/src/tls/x509v3.c
@@ -1348,7 +1348,8 @@ static int x509_parse_tbs_certificate(const u8 *buf, size_t len,
                wpa_printf(MSG_DEBUG, "X509: issuerUniqueID");
                /* TODO: parse UniqueIdentifier ::= BIT STRING */
 
-               if (hdr.payload + hdr.length == end)
+               pos = hdr.payload + hdr.length;
+               if (pos == end)
                        return 0;
 
                if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
@@ -1366,7 +1367,8 @@ static int x509_parse_tbs_certificate(const u8 *buf, size_t len,
                wpa_printf(MSG_DEBUG, "X509: subjectUniqueID");
                /* TODO: parse UniqueIdentifier ::= BIT STRING */
 
-               if (hdr.payload + hdr.length == end)
+               pos = hdr.payload + hdr.length;
+               if (pos == end)
                        return 0;
 
                if (asn1_get_next(pos, end - pos, &hdr) < 0 ||