Prior to this commit, if a string (or octet string) parameter
was present but indicated it was zero-length, we would return success
but with a NULL output value. This can be problematic in cases where
there is a protocol-level distinction between parameter-absent and
parameter-present-but-zero-length, which is uncommon but can happen.
Since OPENSSL_malloc() returns NULL for zero-length allocation requests,
make a dummy allocation for this case, to give a signal that the string
parameter does exist but has zero length.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11920)
if (used_len != NULL)
*used_len = sz;
- if (sz == 0)
- return 1;
if (p->data == NULL)
return 0;
return 1;
if (*val == NULL) {
- char *const q = OPENSSL_malloc(sz);
+ char *const q = OPENSSL_malloc(sz > 0 ? sz : 1);
if (q == NULL)
return 0;
*val = q;
- memcpy(q, p->data, sz);
+ if (sz != 0)
+ memcpy(q, p->data, sz);
return 1;
}
if (max_len < sz)