From 47f626184c0d400994370658a8a0c679ba6c7ec3 Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Mon, 14 Jan 2013 16:40:55 +0100
Subject: [PATCH] Handle existence of OpenSSL Trust Extensions at end of X.509
 DER blob (cherry picked from commit b00ca42f2a26133172d9df9304bfbc9b093a43dc)

Conflicts:
	ChangeLog (Moved message to 'Branch 1.1')
---
 ChangeLog           | 1 +
 library/x509parse.c | 9 +++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 428295689..444311f2b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,7 @@ PolarSSL ChangeLog
 = Branch 1.1
 Bugfix
    * Fixed MPI assembly for SPARC64 platform
+   * Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
 
 Security
    * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
diff --git a/library/x509parse.c b/library/x509parse.c
index 25df0f7af..c9aa738f5 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -1018,7 +1018,7 @@ int x509parse_crt_der( x509_cert *crt, const unsigned char *buf, size_t buflen )
 {
     int ret;
     size_t len;
-    unsigned char *p, *end;
+    unsigned char *p, *end, *crt_end;
 
     /*
      * Check for valid input
@@ -1052,13 +1052,14 @@ int x509parse_crt_der( x509_cert *crt, const unsigned char *buf, size_t buflen )
         return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
     }
 
-    if( len != (size_t) ( end - p ) )
+    if( len > (size_t) ( end - p ) )
     {
         x509_free( crt );
         return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
                 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
     }
-
+    crt_end = p + len;
+    
     /*
      * TBSCertificate  ::=  SEQUENCE  {
      */
@@ -1228,7 +1229,7 @@ int x509parse_crt_der( x509_cert *crt, const unsigned char *buf, size_t buflen )
                 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
     }
 
-    end = crt->raw.p + crt->raw.len;
+    end = crt_end;
 
     /*
      *  signatureAlgorithm   AlgorithmIdentifier,