From 5cbbced70dd7dd37b6b11dc6e5b7ca78d4d2e436 Mon Sep 17 00:00:00 2001
From: Weizhi Ao <2362422778@qq.com>
Date: Thu, 11 Dec 2025 21:06:23 +0800
Subject: [PATCH] Fix silent failure in ASYNC_start_job when size is 0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

When ASYNC_start_job is called with args != NULL but size == 0, OPENSSL_malloc(0) is called. Depending on the libc implementation, malloc(0) may return NULL, causing a silent failure. This patch modifies the logic to skip allocation if size is 0.
CLA: trivial
Reviewed-by: Norbert Pocs
Reviewed-by: Saša Nedvědický
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/29377)
---
 crypto/async/async.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/async/async.c b/crypto/async/async.c
index ff55ef77bac..45853903428 100644
--- a/crypto/async/async.c
+++ b/crypto/async/async.c
@@ -255,7 +255,8 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret,
 if ((ctx->currjob = async_get_pool_job()) == NULL)
 return ASYNC_NO_JOBS;
 
- if (args != NULL) {
+ /* Check for size > 0 to avoid malloc(0) */
+ if (args != NULL && size > 0) {
 ctx->currjob->funcargs = OPENSSL_malloc(size);
 if (ctx->currjob->funcargs == NULL) {
 async_release_job(ctx->currjob);
--
2.47.3
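Review bot: The new comment on the guard says what the condition does but not what the job function ends up with: when `args != NULL` and `size == 0` the allocation is skipped, so `funcargs` is left to whatever the non-allocating path (outside this hunk) assigns. If that path stores NULL, a caller that passes a non-NULL pointer with a zero size will now see NULL inside the job function, which is a visible contract change worth stating, e.g. `/* size == 0: nothing to copy, the job func receives NULL funcargs */`. Because the job object comes from a pool (`async_get_pool_job()`), it is also worth confirming that this path always resets `funcargs`, so that no pointer from an earlier job survives into this one. The diffstat shows only this file changed; a regression test that calls ASYNC_start_job with non-NULL args and size 0 would pin the behaviour. ASYNC_start_job's body starts and ends outside the hunk.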