From d2fe2ffd753706d07b26fbe22b17a561a2e535fc Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 28 Aug 2020 09:07:59 +0200
Subject: [PATCH] sm: Fix a bug in the rfc2253 parser

* sm/certdump.c (parse_dn_part): Fix parser flaw.
--

This could in theory result in reading bytes after a after Nul in a
string and thus possible segv on unallocated memory or reading other
parts of the memory.  However, it is harmless because the rfc2253
strings have been constructed by libksba.

GnuPG-bug-id: 5037
Signed-off-by: Werner Koch <wk@gnupg.org>
---
 sm/certdump.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sm/certdump.c b/sm/certdump.c
index c177cabcf..57e8112fd 100644
--- a/sm/certdump.c
+++ b/sm/certdump.c
@@ -427,7 +427,7 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
     { /* hexstring */
       string++;
       for (s=string; hexdigitp (s); s++)
-        s++;
+        ;
       n = s - string;
       if (!n || (n & 1))
         return NULL; /* Empty or odd number of digits. */