From b088d81cefe45c16409085f1560ad1d4c235a696 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Fri, 28 Aug 2020 09:12:55 +0200
Subject: [PATCH] qt: Fix an rfc2253 parser flaw
* lang/qt/src/dn.cpp (parse_dn_part): Fix parser. -- This could in theory result in reading bytes after a after Nul in a string and thus possible segv on unallocated memory or reading other parts of the memory. However, it is harmless because the rfc2253 strings have been received from GnuPG which is expected to emit correct syntax.
GnuPG-bug-id: 5037
---
 lang/qt/src/dn.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/lang/qt/src/dn.cpp b/lang/qt/src/dn.cpp
index e41d481c..836158b0 100644
--- a/lang/qt/src/dn.cpp
+++ b/lang/qt/src/dn.cpp
@@ -177,9 +177,8 @@ parse_dn_part(DnPair *array, const unsigned char *string)
 if (*string == '#') {
 /* hexstring */
 string++;
- for (s = string; hexdigitp(s); s++) {
- s++;
- }
+ for (s = string; hexdigitp(s); s++)
+ ;
 n = s - string;
 if (!n || (n & 1)) {
 return NULL; /* empty or odd number of digits */
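Review bot: The new scan loop in the hexstring branch is written with a bare `;` body, while the neighbouring statements in this hunk brace every body, and nothing on the line records why the step must be exactly one byte. I would write it as `for (s = string; hexdigitp(s); s++) { /* test every byte so the scan stops at the NUL */ }` so the double increment is not reintroduced by a later cleanup. The input that used to walk past the terminator is an odd-length run of hex digits directly before the NUL, which the `(n & 1)` check rejects only after the scan has finished, so that case deserves a regression test. parse_dn_part begins and continues outside the hunk, so any other digit-pair scanning in it is not visible here and may merit the same look.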