From: Richard Levitte Date: Fri, 30 Aug 2019 14:54:47 +0000 (+0200) Subject: Deal with BUF_MEM_grow ambiguity X-Git-Tag: openssl-3.0.0-alpha1~1464 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=53598b22987faead115463bf8bd027cd8f794cf3;p=oweals%2Fopenssl.git Deal with BUF_MEM_grow ambiguity BUF_MEM_grow() returns the passed length, but also zero on error. If the passed length was zero, an extra check to see if a returned zero was an error or not is needed. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/9662) --- diff --git a/crypto/evp/pkey_kdf.c b/crypto/evp/pkey_kdf.c index f4a6093bb1..f4cf40e6f4 100644 --- a/crypto/evp/pkey_kdf.c +++ b/crypto/evp/pkey_kdf.c @@ -83,9 +83,16 @@ static int collect(BUF_MEM **collector, void *data, size_t datalen) } i = (*collector)->length; /* BUF_MEM_grow() changes it! */ - if (!BUF_MEM_grow(*collector, i + datalen)) + /* + * The i + datalen check is to distinguish between BUF_MEM_grow() + * signaling an error and BUF_MEM_grow() simply returning the (zero) + * length. + */ + if (!BUF_MEM_grow(*collector, i + datalen) + && i + datalen != 0) return 0; - memcpy((*collector)->data + i, data, datalen); + if (data != NULL) + memcpy((*collector)->data + i, data, datalen); return 1; }