From 430ffbe564b2175ced031bea0ea544fad1bdfc9e Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Tue, 1 May 2012 08:14:20 +0000
Subject: [PATCH]  -  Fixed potential heap corruption in x509_name allocation

---
 ChangeLog           | 1 +
 library/x509parse.c | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 790ac41d17..c1be440e37 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -23,6 +23,7 @@ Changes
 Bugfix
    * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
      Hui Dong)
+   * Fixed potential heap corruption in x509_name allocation
 
 Security
    * Fixed potential memory corruption on miscrafted client messages (found by
diff --git a/library/x509parse.c b/library/x509parse.c
index 9d01a65004..07fc439e3d 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -305,6 +305,8 @@ static int x509_get_name( unsigned char **p,
     if( cur->next == NULL )
         return( POLARSSL_ERR_X509_MALLOC_FAILED );
 
+    memset( cur->next, 0, sizeof( x509_name ) );
+
     return( x509_get_name( p, end2, cur->next ) );
 }