Set next sequence of subject_alt_names to NULL
Set the next sequence of the subject_alt_name to NULL when deleting
sequence on failure in `get_subject_alt_name()`.
Found by Philippe Antoine. Credit to OSS-Fuzz.
diff --git a/ChangeLog b/ChangeLog
index d333692..6ac3e78 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -46,6 +46,9 @@
for the parameter.
* Add a check for MBEDTLS_X509_CRL_PARSE_C in ssl_server2, guarding the crl
sni entry parameter. Reported by inestlerode in #560.
+ * Set the next sequence of the subject_alt_name to NULL when deleting
+ sequence on failure. Found and fix suggested by Philippe Antoine.
+ Credit to OSS-Fuzz.
API Changes
* Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
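Review bot: The new ChangeLog entry ("Set the next sequence of the subject_alt_name to NULL when deleting sequence on failure") does not say which function is affected or what a user of the library would observe. The commit message names `get_subject_alt_name()`. Naming it here too, and stating that the head entry could otherwise keep a `next` pointer to an already freed element, would let readers judge whether they need the fix. The wording also differs from the commit message ("Found and fix suggested by" here, "Found by" there). Pick one so the credit is consistent.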
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 708dbf7..dfd22f6 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -681,6 +681,7 @@
sizeof( mbedtls_x509_sequence ) );
mbedtls_free( seq_prv );
}
+ subject_alt_name->next = NULL;
return( ret );
}
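Review bot: The added `subject_alt_name->next = NULL;` before `return( ret );` carries no comment, and the patch adds no test for this failure path. The loop above frees each chained element with `mbedtls_free( seq_prv )`, so the point of the new line is that the head entry, which is not freed here, must not keep a link to freed memory. A one-line comment saying so would keep the line from being removed as redundant later. The diff only touches ChangeLog and library/x509_crt.c. A regression test that feeds a certificate with a malformed subject alternative name extension and then frees the certificate would guard the fix. It is also worth confirming in the surrounding code, not visible in this hunk, that the head entry's own fields are left in a state the later free routine handles.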