From: Bob Beck Date: Thu, 30 Apr 2026 19:27:32 +0000 (-0600) Subject: Fix potential UB memcmps in obj_dat.c X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4dca3082f8fd1acd80424271cbcd834ac1229461;p=thirdparty%2Fopenssl.git Fix potential UB memcmps in obj_dat.c By calling the real OBJ_cmp Reviewed-by: Eugene Syromiatnikov Reviewed-by: Neil Horman MergeDate: Thu May 7 18:14:54 2026 (Merged from https://github.com/openssl/openssl/pull/31048) --- diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index e30ce1c462b..8bb029ac32e 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -162,8 +162,7 @@ static unsigned long added_obj_hash(const ADDED_OBJ *ca) */ static int obj_equivalent(const ASN1_OBJECT *a, const ASN1_OBJECT *b) { - return a->length == b->length - && memcmp(a->data, b->data, (size_t)a->length) == 0 + return OBJ_cmp(a, b) == 0 && (a->sn == NULL) == (b->sn == NULL) && strcmp(a->sn ? a->sn : "", b->sn ? b->sn : "") == 0 && (a->ln == NULL) == (b->ln == NULL) @@ -182,10 +181,7 @@ static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb) b = cb->obj; switch (ca->type) { case ADDED_DATA: - i = (a->length - b->length); - if (i) - return i; - return memcmp(a->data, b->data, (size_t)a->length); + return OBJ_cmp(a, b); case ADDED_SNAME: if (a->sn == NULL) return -1; @@ -296,16 +292,7 @@ const char *OBJ_nid2ln(int n) static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp) { - int j; - const ASN1_OBJECT *a = *ap; - const ASN1_OBJECT *b = &nid_objs[*bp]; - - j = (a->length - b->length); - if (j) - return j; - if (a->length == 0) - return 0; - return memcmp(a->data, b->data, a->length); + return OBJ_cmp(*ap, &nid_objs[*bp]); } IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);