From: Nikos Mavrogiannopoulos
Date: Thu, 28 Jul 2016 08:37:00 +0000 (+0200)
Subject: x509: parse_tlsfeatures: move limit check at the point of addition
X-Git-Tag: gnutls_3_5_3~50
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=31ababffacb52d8d0565971349c7eb798cd2ca69;p=thirdparty%2Fgnutls.git

x509: parse_tlsfeatures: move limit check at the point of addition

This prevents appending failures when verifying chains on certificates which use the maximum allowed number of features. Suggested by Tim Kosse.
---
diff --git a/lib/x509/x509_ext.c b/lib/x509/x509_ext.c
index 4e9af34bed..ab31ac30bd 100644
--- a/lib/x509/x509_ext.c
+++ b/lib/x509/x509_ext.c
@@ -3180,11 +3180,6 @@ static int parse_tlsfeatures(ASN1_TYPE c2, gnutls_x509_tlsfeatures_t f, unsigned
 return GNUTLS_E_CERTIFICATE_ERROR;
 }

- if (f->size >= sizeof(f->feature)/sizeof(f->feature[0])) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
- }
-
 /* skip duplicates */
 for (j=0;jsize;j++) {
 if (f->feature[j] == feature) {
@@ -3194,6 +3189,11 @@ static int parse_tlsfeatures(ASN1_TYPE c2, gnutls_x509_tlsfeatures_t f, unsigned
 }

 if (!skip) {
+ if (f->size >= sizeof(f->feature)/sizeof(f->feature[0])) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
 indx = f->size;
 f->feature[indx] = feature;
 f->size++;
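Review bot: The capacity check added under `if (!skip)` is now the only guard before `f->feature[indx] = feature`, and nothing at that spot says why it has to sit after the duplicate scan; a short comment such as `/* check capacity only when a new entry is appended, so a full list can still absorb duplicates */` would keep a later cleanup from hoisting it back above the loop. The limit is reached through certificate content (the commit message mentions chains whose certificates carry the maximum number of features), so `GNUTLS_E_INTERNAL_ERROR` looks like the wrong class of error here; the check just above the removed block returns `GNUTLS_E_CERTIFICATE_ERROR`, which may fit better if callers distinguish the two. No test accompanies the change in this diff, and a case that parses a maximum-size feature list twice into the same structure would pin the intended behaviour. parse_tlsfeatures starts and ends outside the hunk.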