parse_pem_cert_mem: fixed issue resulting to accessing past the input data

author Nikos Mavrogiannopoulos <nmav@gnutls.org>

Sat, 15 Jul 2017 16:52:33 +0000 (18:52 +0200)

committer Nikos Mavrogiannopoulos <nmav@redhat.com>

Mon, 17 Jul 2017 13:45:16 +0000 (15:45 +0200)
author Nikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 15 Jul 2017 16:52:33 +0000 (18:52 +0200)
committer Nikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 17 Jul 2017 13:45:16 +0000 (15:45 +0200)
diff --git a/lib/x509.c b/lib/x509.c

index af231441bf802d365b7f24a45b374a422ea4b8c0..3e64fb14a817c63b54bc8a5e3575eb182edd96b0 100644 (file)
--- a/lib/x509.c
+++ b/lib/x509.c
@@ -590,9 +590,10 @@ parse_pem_cert_mem(gnutls_certificate_credentials_t res,
                 /* now we move ptr after the pem header 
                  */
                 ptr++;
+               size--;
+
                 /* find the next certificate (if any)
                  */
-               size = input_cert_size - (ptr - input_cert);
  
                 if (size > 0) {
                         char *ptr3;
@@ -605,6 +606,7 @@ parse_pem_cert_mem(gnutls_certificate_credentials_t res,
                                               sizeof(PEM_CERT_SEP2) - 1);
  
                         ptr = ptr3;
+                       size = input_cert_size - (ptr - input_cert);
                 } else
                         ptr = NULL;
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>
	Sat, 15 Jul 2017 16:52:33 +0000 (18:52 +0200)
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Mon, 17 Jul 2017 13:45:16 +0000 (15:45 +0200)