void *_gnutls_calloc(size_t nmemb, size_t size);
char *_gnutls_strdup(const char *);
+/* To avoid undefined behavior when s1 or s2 are null and n = 0 */
+inline static
+int safe_memcmp(const void *s1, const void *s2, size_t n)
+{
+ if (n == 0)
+ return 0;
+ return memcmp(s1, s2, n);
+}
+
#define zrelease_mpi_key(mpi) if (*mpi!=NULL) { \
_gnutls_mpi_clear(*mpi); \
_gnutls_mpi_release(mpi); \
}
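Review bot: The comment on `safe_memcmp` covers only the `n == 0` case, but the helper still forwards `s1` and `s2` unchanged to `memcmp` whenever `n` is non-zero, so a null pointer with a non-zero length remains undefined behavior. I would make that contract explicit, e.g. `/* Returns 0 for n == 0 without touching s1/s2; for n > 0 both pointers must be valid. */`. As a style point, `static inline` is the more conventional specifier order than `inline static`. The helper also assumes `memcmp` is already declared wherever this header is included, which is not visible in the hunk.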
if (empty1 != empty2 ||
- sp1.size != sp2.size || memcmp(sp1.data, sp2.data, sp1.size) != 0) {
+ sp1.size != sp2.size || safe_memcmp(sp1.data, sp2.data, sp1.size) != 0) {
gnutls_assert();
ret = GNUTLS_E_CERTIFICATE_ERROR;
goto cleanup;
_gnutls_x509_read_value(crt->cert,
"tbsCertificate.subjectUniqueID",
&datum);
+ if (result < 0)
+ return gnutls_assert_val(result);
if (datum.size > *buf_size) { /* then we're not going to fit */
*buf_size = datum.size;
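Review bot: The new `if (result < 0)` early return leaves `*buf_size` untouched on failure, which matters to callers that probe the required length through `*buf_size`, and nothing visible documents it. The function's doc comment (outside this hunk, as is the start and end of the function) should say so, for example `Returns a negative error code if the field cannot be read; *buf_size is not updated in that case.` The same applies to the `tbsCertificate.issuerUniqueID` hunk that follows. It is also worth confirming that `_gnutls_x509_read_value` leaves `datum` unallocated when it fails, because the early return skips whatever cleanup runs later in the function.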
_gnutls_x509_read_value(crt->cert,
"tbsCertificate.issuerUniqueID",
&datum);
+ if (result < 0)
+ return gnutls_assert_val(result);
if (datum.size > *buf_size) { /* then we're not going to fit */
*buf_size = datum.size;