Add POLARSSL_X509_MAX_INTERMEDIATE_CA

commit: 4cdb3babaded415e3cc8e5a897754b46fa5a137c [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Nov 20 17:12:15 2014 +0100
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Nov 20 17:12:15 2014 +0100
tree: 90cd5e67b8a73cd3a56d01a0e2ad7d0068757991
parent: 6a095d23836c08c32df5c870ffe8a6f074db1126 [diff] [blame]
diff --git a/library/x509parse.c b/library/x509parse.c
index 2ac02e1..54110ba 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c

@@ -3502,6 +3502,13 @@
     unsigned char hash[64];
     x509_cert *grandparent;
 
+    /* path_cnt is 0 for the first intermediate CA */
+    if( 1 + path_cnt > POLARSSL_X509_MAX_INTERMEDIATE_CA )
+    {
+        *flags |= BADCERT_NOT_TRUSTED;
+        return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED );
+    }
+
     if( x509parse_time_expired( &child->valid_to ) )
         *flags |= BADCERT_EXPIRED;
commit	4cdb3babaded415e3cc8e5a897754b46fa5a137c	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Nov 20 17:12:15 2014 +0100
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Nov 20 17:12:15 2014 +0100
tree	90cd5e67b8a73cd3a56d01a0e2ad7d0068757991
parent	6a095d23836c08c32df5c870ffe8a6f074db1126 [diff] [blame]