Avoid allocating empty buffers when handling length-0 CRTs

commit: 7b8e11e724edd83687fdd97954f929fbcb9c309f [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Fri May 03 12:37:12 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Tue Jun 25 09:10:57 2019 +0100
tree: ad5d9b11ba134e381396c874db4970d95512f799
parent: 0ed348a14ed36d459b7ceeda01efebaadd0f9db0 [diff]
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 75ea5e6..5834a4c 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -1445,7 +1445,11 @@
     }
     else
     {
-        crt->raw.p = mbedtls_calloc( 1, buflen );
+        /* Call mbedtls_calloc with buflen + 1 in order to avoid potential
+         * return of NULL in case of length 0 certificates, which we want
+         * to cleanly fail with MBEDTLS_ERR_X509_INVALID_FORMAT in the
+         * core parsing routine, but not here. */
+        crt->raw.p = mbedtls_calloc( 1, buflen + 1 );
         if( crt->raw.p == NULL )
             return( MBEDTLS_ERR_X509_ALLOC_FAILED );
         crt->raw.len = buflen;
commit	7b8e11e724edd83687fdd97954f929fbcb9c309f	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Fri May 03 12:37:12 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Tue Jun 25 09:10:57 2019 +0100
tree	ad5d9b11ba134e381396c874db4970d95512f799
parent	0ed348a14ed36d459b7ceeda01efebaadd0f9db0 [diff]