git.ipfire.org Git - thirdparty/openssl.git/commit
Allow 0 length comparisons in OBJ_CMP to return 0 without UB memcmp
author Bob Beck <beck@openssl.org>
Wed, 22 Apr 2026 18:37:29 +0000 (12:37 -0600)
committer Neil Horman <nhorman@openssl.org>
Wed, 6 May 2026 14:55:07 +0000 (10:55 -0400)
commit ce22d29f5fbeaa976fbc6ab2fc5be7a806142df0
tree a6b0e7a7104dcda01deae5f5f58e382dbd15e77b
parent bd85fd7cde7cefc417d0c30ed29fc3eb5ad3e71c

X509_verify is documented to return -1 if the algorithm is invalid
or can't be compared for any reason.

Sadly this implies that it is legitimate to pass it an incorrect X509
object and it should see this. If we hand it a new X509 object with
nothing filled in, it will memcmp(NULL...) at the end of a stack of
FOO_cmp abstractions, which is UB.

Fix this by permitting the 0 length case to return equal without
a memcmp, as suggested by slontis@ and botovq@

Fixes: https://github.com/openssl/openssl/issues/30922
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
Reviewed-by: Matt Caswell <matt@openssl.foundation>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
MergeDate: Wed May  6 14:55:20 2026
(Merged from https://github.com/openssl/openssl/pull/30943)
crypto/objects/obj_lib.c
test/x509_test.c
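
The zero-length guard the commit message describes, shown as an added example; this is not the OpenSSL change itself, whose diff is not on this page. The `struct blob` type, `blob_cmp` and the sample bytes are hypothetical stand-ins for a length-tagged object whose data pointer is NULL until it is filled in.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical length-tagged byte string; a stand-in, not an OpenSSL type. */
struct blob {
    const unsigned char *data; /* NULL in a freshly created, unfilled object */
    size_t len;
};

/*
 * Returns <0, 0 or >0. Lengths are compared first; when both are 0 the
 * blobs are equal and memcmp is never reached, so a NULL data pointer is
 * never handed to it (a null argument to memcmp is undefined behaviour in
 * C11/C17 7.24.1 even with a length of 0).
 */
int blob_cmp(const struct blob *a, const struct blob *b)
{
    if (a->len != b->len)
        return a->len < b->len ? -1 : 1;
    if (a->len == 0)
        return 0;
    return memcmp(a->data, b->data, a->len);
}

int main(void)
{
    /* Constructed sample inputs. */
    static const unsigned char oid1[] = { 0x2a, 0x86, 0x48 };
    static const unsigned char oid2[] = { 0x2a, 0x86, 0x49 };
    struct blob empty1 = { NULL, 0 }, empty2 = { NULL, 0 };
    struct blob x = { oid1, sizeof(oid1) }, y = { oid2, sizeof(oid2) };

    printf("empty vs empty: %d\n", blob_cmp(&empty1, &empty2));
    printf("empty vs x:     %d\n", blob_cmp(&empty1, &x));
    printf("x vs y:         %d\n", blob_cmp(&x, &y));
    return 0;
}
```

Building callers of such a comparison with `-fsanitize=undefined` reports a null pointer passed to `memcmp` on platforms whose libc headers mark its parameters nonnull, as glibc does.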