projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 12843c7)
Fix undefined behaviour in X509_NAME_cmp()
authorMatt Caswell <matt@openssl.org>
Wed, 16 May 2018 10:59:47 +0000 (11:59 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 21 May 2018 09:28:02 +0000 (10:28 +0100)
If the lengths of both names is 0 then don't attempt to do a memcmp.

Issue reported by Simon Friedberger, Robert Merget and Juraj Somorovsky.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6291)

(cherry picked from commit 511190b691183a1fb160e7e05e2974dc73cab0c6)

crypto/x509/x509_cmp.c patch | blob | history

diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 01056356c5834137ca54a6909b97b80937a560d9..8ac9efea4227c354802211f7c5c52090a61e1f47 100644 (file)
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -174,7 +174,7 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
 
     ret = a->canon_enclen - b->canon_enclen;
 
-    if (ret)
+    if (ret != 0 || a->canon_enclen == 0)
         return ret;
 
     return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
Unnamed repository; edit this file 'description' to name the repository.