From: Nikos Mavrogiannopoulos Date: Mon, 29 Feb 2016 08:43:32 +0000 (+0100) Subject: x509: Fixes to prevent undefined behavior (found with libubsan) X-Git-Tag: gnutls_3_5_0~293 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5bbe1ecbe4c6da8fd5015d0e4aceba580d16afa0;p=thirdparty%2Fgnutls.git x509: Fixes to prevent undefined behavior (found with libubsan) --- diff --git a/lib/mem.h b/lib/mem.h index 418a7b724f..a235b1cc4f 100644 --- a/lib/mem.h +++ b/lib/mem.h @@ -31,6 +31,15 @@ void *gnutls_realloc_fast(void *ptr, size_t size); void *_gnutls_calloc(size_t nmemb, size_t size); char *_gnutls_strdup(const char *); +/* To avoid undefined behavior when s1 or s2 are null and n = 0 */ +inline static +int safe_memcmp(const void *s1, const void *s2, size_t n) +{ + if (n == 0) + return 0; + return memcmp(s1, s2, n); +} + #define zrelease_mpi_key(mpi) if (*mpi!=NULL) { \ _gnutls_mpi_clear(*mpi); \ _gnutls_mpi_release(mpi); \ diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 2b9f01f503..0d2cc0fe34 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -219,7 +219,7 @@ static int compare_sig_algorithm(gnutls_x509_crt_t cert) } if (empty1 != empty2 || - sp1.size != sp2.size || memcmp(sp1.data, sp2.data, sp1.size) != 0) { + sp1.size != sp2.size || safe_memcmp(sp1.data, sp2.data, sp1.size) != 0) { gnutls_assert(); ret = GNUTLS_E_CERTIFICATE_ERROR; goto cleanup; @@ -3470,6 +3470,8 @@ gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt, char *buf, _gnutls_x509_read_value(crt->cert, "tbsCertificate.subjectUniqueID", &datum); + if (result < 0) + return gnutls_assert_val(result); if (datum.size > *buf_size) { /* then we're not going to fit */ *buf_size = datum.size; @@ -3518,6 +3520,8 @@ gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt, char *buf, _gnutls_x509_read_value(crt->cert, "tbsCertificate.issuerUniqueID", &datum); + if (result < 0) + return gnutls_assert_val(result); if (datum.size > *buf_size) { /* then we're not going to fit */ *buf_size = datum.size;