From: Richard Levitte <levitte@openssl.org>
Date: Thu, 12 Jan 2023 09:17:01 +0000 (+0100)
Subject: bin2bn(): When len==0, just return a zero BIGNUM
X-Git-Tag: openssl-3.2.0-alpha1~1426
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1b24b5a1b43c2af0a6c1cb2d196f5132ee723488;p=thirdparty%2Fopenssl.git

bin2bn(): When len==0, just return a zero BIGNUM

This allows calls with s==NULL and len==0 to be safe.  It probably already
was, but address sanitizers could still complain.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20033)
---

diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 4fe6ce071a3..9d665c26fc4 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -446,6 +446,15 @@ static BIGNUM *bin2bn(const unsigned char *s, int len, BIGNUM *ret,
         return NULL;
     bn_check_top(ret);
 
+    /*
+     * If the input has no bits, the number is considered zero.
+     * This makes calls with s==NULL and len==0 safe.
+     */
+    if (len == 0) {
+        BN_clear(ret);
+        return ret;
+    }
+
     /*
      * The loop that does the work iterates from least to most
      * significant BIGNUM chunk, so we adapt parameters to transfer