fix(auth): reject junk after certificates

Certificates must not allow trailing junk after them. Change-Id: Ie33205fb051fc63af5b72c326822da7f62eec1d1 Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years ago · ca34dbc0cd
1 changed files with 1 additions and 1 deletions
--- a/drivers/auth/mbedtls/mbedtls_x509_parser.c
+++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c
@ -178,7 +178,7 @@ static int cert_parse(void *img, unsigned int img_len)
 		return IMG_PARSER_ERR_FORMAT;
 	}

-	if (len > (size_t)(end - p)) {
+	if (len != (size_t)(end - p)) {
 		return IMG_PARSER_ERR_FORMAT;
 	}
 	crt_end = p + len;