summaryrefslogtreecommitdiff
path: root/src/pki/commands/signcrl.c
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2016-10-20 16:18:38 +0200
committerYves-Alexis Perez <corsac@debian.org>2016-10-20 16:18:38 +0200
commit88f22dbc6ddb53ac5b40db1d317548b0408718c9 (patch)
tree923fc438bad68d2583b27c12036a6883d73bd5f9 /src/pki/commands/signcrl.c
parent3bba989a734d13493279f8c1266176ebb1f670bd (diff)
parent25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
downloadvyos-strongswan-88f22dbc6ddb53ac5b40db1d317548b0408718c9.tar.gz
vyos-strongswan-88f22dbc6ddb53ac5b40db1d317548b0408718c9.zip
Merge tag 'upstream/5.5.1'
Upstream version 5.5.1
Diffstat (limited to 'src/pki/commands/signcrl.c')
-rw-r--r--src/pki/commands/signcrl.c18
1 files changed, 11 insertions, 7 deletions
diff --git a/src/pki/commands/signcrl.c b/src/pki/commands/signcrl.c
index 6c27289f9..b9cf9c466 100644
--- a/src/pki/commands/signcrl.c
+++ b/src/pki/commands/signcrl.c
@@ -369,18 +369,22 @@ static int sign_crl()
}
else
{
- crl_serial = chunk_from_chars(0x00);
+ if (!crl_serial.ptr)
+ {
+ crl_serial = chunk_from_chars(0x00);
+ }
lastenum = enumerator_create_empty();
}
- /* remove superfluous leading zeros */
- while (crl_serial.len > 1 && crl_serial.ptr[0] == 0x00 &&
- (crl_serial.ptr[1] & 0x80) == 0x00)
+ if (!crl_serial.len || crl_serial.ptr[0] & 0x80)
+ { /* add leading 0x00 to handle potential overflow if serial is encoded
+ * incorrectly */
+ crl_serial = chunk_cat("cc", chunk_from_chars(0x00), crl_serial);
+ }
+ else
{
- crl_serial = chunk_skip_zero(crl_serial);
+ crl_serial = chunk_clone(crl_serial);
}
- crl_serial = chunk_clone(crl_serial);
-
/* increment the serial number by one */
chunk_increment(crl_serial);
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-25 14:34:51 +0000