From 721f06d49d5935c587597857052c14b9db96163f Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Wed, 19 Jun 2013 12:07:42 +0200
Subject: [PATCH] x509parse_crt() now better handles PEM error situations
Because of new pem_read_buffer() handling of when it writes use_len,
x509parse_crt() is able to better handle situations where a PEM blob
results in an error but the other blobs can still be parsed.
(cherry picked from commit 6417186365f4a73a719fff754fefe8edcef2bc28)
Conflicts:
ChangeLog
---
ChangeLog | 3 +++
library/x509parse.c | 10 ++++++++++
2 files changed, 13 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 56187899a..4e9fb7c93 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,9 @@ PolarSSL ChangeLog
Changes
* HAVEGE random generator disabled by default
+Bugfix
+ * x509parse_crt() now better handles PEM error situations
+
= Version 1.1.6 released on 2013-03-11
Bugfix
* Fixed net_bind() for specified IP addresses on little endian systems
diff --git a/library/x509parse.c b/library/x509parse.c
index 7fd167291..42ddd70e2 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -1349,10 +1349,20 @@ int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
buflen -= use_len;
buf += use_len;
}
+ else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
+ {
+ return( ret );
+ }
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
{
pem_free( &pem );
+ /*
+ * PEM header and footer were found
+ */
+ buflen -= use_len;
+ buf += use_len;
+
if( first_error == 0 )
first_error = ret;
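Review bot: The new `buflen -= use_len; buf += use_len;` in the error branch trusts a length reported by a pem_read_buffer() call that has just failed, and `buflen` is a `size_t`, so a stale or oversized `use_len` would wrap the remaining length and move `buf` past the input. pem_read_buffer() is not part of this hunk, so it should be confirmed that every error return other than NO_HEADER_FOOTER_PRESENT and BAD_INPUT_DATA writes `use_len` first, and that the value can be neither zero nor larger than `buflen`. A zero would presumably leave the loop re-reading the same blob. A guard ahead of the subtraction makes the assumption explicit: `if( use_len == 0 || use_len > buflen ) return( ret );`. The comment would also read better if it stated the intent, e.g. `/* header and footer were found: skip this blob so later ones can still be parsed */`. The body of x509parse_crt() starts and ends outside the hunk.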