projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b3d042) | patch
Avoid passing NULL to memcpy
authorMatt Caswell <matt@openssl.org>
Wed, 11 Sep 2019 14:03:39 +0000 (15:03 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 12 Sep 2019 09:30:48 +0000 (10:30 +0100)
commit7eeceeaab24aea16027cdc1f9df92366094893b7
tree0590c0cae5ba1c960236480786388dd5336928dctree | snapshot
parent6b3d0423528b049d04b299a8588a32d5c1224717commit | diff
Avoid passing NULL to memcpy

It is undefined behaviour to send NULL as either the src, or dest params
in memcpy.

In pkey_kdf.c we had a check to ensure that the src address is non-NULL.
However in some situations it is possible that the dest address could also
be NULL. Specifically in the case where the datalen is 0 and we are using
a newly allocated BUF_MEM.

We add a check of datalen to avoid the undefined behaviour.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9868)
crypto/evp/pkey_kdf.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.