From: Jouni Malinen <j@w1.fi>
Date: Sat, 13 Mar 2021 21:09:28 +0000 (+0200)
Subject: ASN.1: Verify that NULL value has zero length
X-Git-Tag: hostap_2_10~423
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9bf4c0539b26acfb7dc21910e6ee444d37e29935;p=thirdparty%2Fhostap.git

ASN.1: Verify that NULL value has zero length

This value is required to contain no octets, so verify that its length
octet agrees with that.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/tls/asn1.c b/src/tls/asn1.c
index ee9a3afdf..970f680c1 100644
--- a/src/tls/asn1.c
+++ b/src/tls/asn1.c
@@ -129,6 +129,8 @@ static int asn1_valid_der(struct asn1_hdr *hdr)
 		return 1;
 	if (hdr->tag == ASN1_TAG_BOOLEAN && !asn1_valid_der_boolean(hdr))
 		return 0;
+	if (hdr->tag == ASN1_TAG_NULL && hdr->length != 0)
+		return 0;
 	return 1;
 }