]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
x509: Fixes to prevent undefined behavior (found with libubsan)
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 29 Feb 2016 08:43:32 +0000 (09:43 +0100)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 29 Feb 2016 08:44:09 +0000 (09:44 +0100)
lib/mem.h
lib/x509/x509.c

index 418a7b724f25ff0b42391ff9ddaaa52dbaab4b99..a235b1cc4f276a9959aa6c65cb0b0f3f3a904322 100644 (file)
--- a/lib/mem.h
+++ b/lib/mem.h
@@ -31,6 +31,15 @@ void *gnutls_realloc_fast(void *ptr, size_t size);
 void *_gnutls_calloc(size_t nmemb, size_t size);
 char *_gnutls_strdup(const char *);
 
+/* To avoid undefined behavior when s1 or s2 are null and n = 0 */
+inline static
+int safe_memcmp(const void *s1, const void *s2, size_t n)
+{
+        if (n == 0)
+                return 0;
+        return memcmp(s1, s2, n);
+}
+
 #define zrelease_mpi_key(mpi) if (*mpi!=NULL) { \
                 _gnutls_mpi_clear(*mpi); \
                 _gnutls_mpi_release(mpi); \
index 2b9f01f503bb2dbd92b82c0b1b82f4d7ac78219d..0d2cc0fe341178e4031e18ed615495e3b9e8ef70 100644 (file)
@@ -219,7 +219,7 @@ static int compare_sig_algorithm(gnutls_x509_crt_t cert)
        }
 
        if (empty1 != empty2 || 
-           sp1.size != sp2.size || memcmp(sp1.data, sp2.data, sp1.size) != 0) {
+           sp1.size != sp2.size || safe_memcmp(sp1.data, sp2.data, sp1.size) != 0) {
                gnutls_assert();
                ret = GNUTLS_E_CERTIFICATE_ERROR;
                goto cleanup;
@@ -3470,6 +3470,8 @@ gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt, char *buf,
            _gnutls_x509_read_value(crt->cert,
                                    "tbsCertificate.subjectUniqueID",
                                    &datum);
+       if (result < 0)
+               return gnutls_assert_val(result);
 
        if (datum.size > *buf_size) {   /* then we're not going to fit */
                *buf_size = datum.size;
@@ -3518,6 +3520,8 @@ gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt, char *buf,
            _gnutls_x509_read_value(crt->cert,
                                    "tbsCertificate.issuerUniqueID",
                                    &datum);
+       if (result < 0)
+               return gnutls_assert_val(result);
 
        if (datum.size > *buf_size) {   /* then we're not going to fit */
                *buf_size = datum.size;