TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 4d3fc216fca8e2c4ec145cf3abef957d6d7da2d3^! / . / library / x509.c
commit4d3fc216fca8e2c4ec145cf3abef957d6d7da2d3[log] [tgz]
authorPrzemek Stekiel <przemyslaw.stekiel@mobica.com>Tue Jun 06 11:40:32 2023 +0200
committerPrzemek Stekiel <przemyslaw.stekiel@mobica.com>Tue Jun 06 11:44:25 2023 +0200
treec5f823772d5a9d559705e9f4785bda64e52a8857
parent63973ab80e090d9daabe43125cf6d206f5297789 [diff] [blame]
Use safe snprintf

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

diff --git a/library/x509.c b/library/x509.c
index 130d4e7..6e16c4c 100644
--- a/library/x509.c
+++ b/library/x509.c

@@ -1592,7 +1592,6 @@
             /*
              * dNSName
              * RFC822 Name
-             * iPAddress
              */
             case MBEDTLS_X509_SAN_DNS_NAME:
             case MBEDTLS_X509_SAN_RFC822_NAME:
@@ -1633,25 +1632,24 @@
                     return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
                 }
 
-                int len = 0;
                 unsigned char *ip = san.san.unstructured_name.p;
                 // Only IPv6 (16 bytes) and IPv4 (4 bytes) types are supported
                 if (san.san.unstructured_name.len == 4) {
-                    len = mbedtls_snprintf(p, n, "%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]);
+                    ret = mbedtls_snprintf(p, n, "%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]);
+                    MBEDTLS_X509_SAFE_SNPRINTF;
                 } else if (san.san.unstructured_name.len == 16) {
-                    len = mbedtls_snprintf(p, n,
+                    ret = mbedtls_snprintf(p, n,
                                            "%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X",
                                            ip[0], ip[1], ip[2], ip[3], ip[4], ip[5], ip[6],
-                                           ip[7], ip[8], ip[9], ip[10], ip[11], ip[12],ip[13],
+                                           ip[7], ip[8], ip[9], ip[10], ip[11], ip[12], ip[13],
                                            ip[14], ip[15]);
+                    MBEDTLS_X509_SAFE_SNPRINTF;
                 } else {
                     if (n > 0) {
                         *p = '\0';
                     }
                     return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
                 }
-                p += len;
-                n -= len;
             }
             break;
             /*