]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e72d897)
Guard memcmp for ub in X509_vpm.c
authorBob Beck <beck@openssl.org>
Thu, 30 Apr 2026 19:41:32 +0000 (13:41 -0600)
committerNorbert Pocs <norbertp@openssl.org>
Sat, 2 May 2026 18:04:57 +0000 (20:04 +0200)
Techincally unnecessary, since this thing won't let you add NULL
data to it, but this is harmless and then obviously following
the correct paradigm.

Reviewed-by: Matt Caswell <matt@openssl.foundation>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Sat May  2 18:05:04 2026
(Merged from https://github.com/openssl/openssl/pull/31049)

crypto/x509/x509_vpm.c patch | blob | blame | history

diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index aa606f632022dc0ef2b2756d56c7ac3ce79b0f2a..bc2eb2cce13b5bd73319a6db2ad22d611fcf877b 100644 (file)
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -110,6 +110,8 @@ static int buffer_cmp(const X509_BUFFER *const *a, const X509_BUFFER *const *b)
         return -1;
     if ((*a)->len > (*b)->len)
         return 1;
+    if ((*b)->len == 0)
+        return 0;
     return memcmp((*a)->data, (*b)->data, (*b)->len);
 }
 
Mirror of https://github.com/openssl/openssl.git