From a056efc8f902f547dbd65b37209d5da3df6c068a Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Sun, 16 Jan 2011 21:38:35 +0000
Subject: [PATCH]  - Fixed serial length check

---
 library/x509parse.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/x509parse.c b/library/x509parse.c
index b37c4c217..9c46b1c6f 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -2596,7 +2596,8 @@ int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
 
     while( cur != NULL && cur->serial.len != 0 )
     {
-        if( memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
+        if( crt->serial.len == cur->serial.len &&
+            memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
         {
             if( x509parse_time_expired( &cur->revocation_date ) )
                 return( 1 );