From 92387cd899b48deffe1eb72f991a0e2675138a6d Mon Sep 17 00:00:00 2001
From: "Yang, Longlong" <longlong.yang@intel.com>
Date: Wed, 21 Feb 2024 04:24:46 -0500
Subject: [PATCH] fix index out of bounds issue found by fuzz.

fix #38

Signed-off-by: Yang, Longlong <longlong.yang@intel.com>
---
 spdmlib/src/crypto/x509v3.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spdmlib/src/crypto/x509v3.rs b/spdmlib/src/crypto/x509v3.rs
index 36969a2..c9b05c7 100644
--- a/spdmlib/src/crypto/x509v3.rs
+++ b/spdmlib/src/crypto/x509v3.rs
@@ -691,7 +691,7 @@ fn check_and_get_extn_id(extn_sequences: &[u8]) -> SpdmResult<(&[u8], usize)> {
         } else {
             // extnID is the first item in the extension sequence and the tag is Object identifier
             let extn_id = &extn_sequences[1 + extn_bytes_consumed..];
-            if extn_id[0] != ASN1_TAG_NUMBER_OBJECT_IDENTIFIER {
+            if extn_id.is_empty() || extn_id[0] != ASN1_TAG_NUMBER_OBJECT_IDENTIFIER {
                 Err(SPDM_STATUS_VERIF_FAIL)
             } else {
                 let (extn_id_length, extn_id_bytes_consumed) = check_length(&extn_id[1..])?;