mirrors-yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls synced 2024-11-24 13:38:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

Don't call memcpy with NULL pointer in mbedtls_mpi_read_binary()

Browse source 
mbedtls_mpi_read_binary() calls memcpy() with the source pointer being
the source pointer passed to mbedtls_mpi_read_binary(), the latter may
be NULL if the buffer length is 0 (and this happens e.g. in the ECJPAKE
test suite). The behavior of memcpy(), in contrast, is undefined when
called with NULL source buffer, even if the length of the copy operation
is 0.

This commit fixes this by explicitly checking that the source pointer is
not NULL before calling memcpy(), and skipping the call otherwise.
This commit is contained in:
Hanno Becker 2019-01-03 17:13:11 +00:00
parent 9f6d16ad79
commit 0e810b9648
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
library/bignum.c
View file

@ -823,10 +823,15 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t bu
} }
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
Xp = (unsigned char*) X->p; /* Avoid calling `memcpy` with NULL source argument,
memcpy( Xp + overhead, buf, buflen ); * even if buflen is 0. */
if( buf != NULL )
{
Xp = (unsigned char*) X->p;
memcpy( Xp + overhead, buf, buflen );
mpi_bigendian_to_host( X->p, limbs ); mpi_bigendian_to_host( X->p, limbs );
}
cleanup: cleanup: