Make |BUF_memdup| look for zero length, not NULL.

BUF_memdup tries to avoid mallocing zero bytes (and thus unduly returning an error for a NULL return value) by testing whether the input buffer is NULL. This goes back to the original OpenSSL code. However, when |ext_npn_parse_serverhello| tries to use |BUF_memdup| to copy an NPN value returned by a callback, some callbacks just set the output /length/ to zero to indicate an empty value. Thus, when |BUF_memdup| tests the pointer, it's an uninitialised value and MSan throws an error. Since passing a NULL pointer to |BUF_memdup| better imply that the length is zero, while the reverse empirically isn't true, testing the length seems safer. Change-Id: I06626f7dfb761de631fd997bda60057b76b8da94
author: Adam Langley <agl@google.com> 2015-10-07 04:11:33 +0300
committer: Adam Langley <agl@google.com> 2015-10-07 04:11:33 +0300
commit: 82aa28fa81222a4a614ccf43fbc5b6e9bf02b588 (patch)
tree: 9e473aa847fd1f2decb68381d3d7e0f0b3212b43 /crypto/buf
parent: c608d6b02be0d524adc2e5048df81e29da032c00 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/buf/buf.c b/crypto/buf/buf.c
index 13b5cebd..b918f01f 100644
--- a/crypto/buf/buf.c
+++ b/crypto/buf/buf.c
@@ -220,7 +220,7 @@ size_t BUF_strlcat(char *dst, const char *src, size_t dst_size) {
 void *BUF_memdup(const void *data, size_t dst_size) {
   void *ret;
 
-  if (data == NULL) {
+  if (dst_size == 0) {
     return NULL;
   }
author	Adam Langley <agl@google.com>	2015-10-07 04:11:33 +0300
committer	Adam Langley <agl@google.com>	2015-10-07 04:11:33 +0300
commit	82aa28fa81222a4a614ccf43fbc5b6e9bf02b588 (patch)
tree	9e473aa847fd1f2decb68381d3d7e0f0b3212b43 /crypto/buf
parent	c608d6b02be0d524adc2e5048df81e29da032c00 (diff)