Fix undefined behaviour in x509
diff --git a/ChangeLog b/ChangeLog
index c420393..7e7374b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,8 @@
errors on use of deprecated functions.
Bugfix
+ * Fix undefined behaviour (memcmp( NULL, NULL, 0 );) in X.509 modules
+ (detected by Clang's 3.6 UBSan).
* mpi_size() and mpi_msb() would segfault when called on an mpi that is
initialized but not set (found by pravic).
* Fix detection of support for getrandom() on Linux (reported by syzzer) by
diff --git a/library/x509_crl.c b/library/x509_crl.c
index e2076a6..de2079f 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -462,7 +462,8 @@
if( crl->sig_oid1.len != crl->sig_oid2.len ||
memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 ||
sig_params1.len != sig_params2.len ||
- memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 )
+ ( sig_params1.len != 0 &&
+ memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_SIG_MISMATCH );
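Review bot: The new `sig_params1.len != 0` guard carries no comment explaining why it is needed, and the `sig_oid1`/`sig_oid2` `memcmp` one line above it keeps the unguarded form. I would add `/* memcmp() with NULL pointers is undefined even when the length is 0 */` above the guarded comparison so that a later cleanup does not fold it back into a plain `memcmp`. The hunk does not show whether `sig_oid1.p` can be NULL when `sig_oid1.len` is 0; if it can, that comparison needs the same `len != 0 &&` guard, and if it cannot, a brief note saying so would help. The same applies to the identical condition in the `library/x509_crt.c` hunk at `@@ -760`, and since this check is what rejects a CRL or certificate whose outer and inner signature algorithms disagree, a small shared static helper for "equal buffers, zero length allowed" would keep the two copies from drifting apart. The enclosing function starts and ends outside the hunk.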
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 4e4d806..fe9e552 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -760,7 +760,8 @@
if( crt->sig_oid1.len != crt->sig_oid2.len ||
memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 ||
sig_params1.len != sig_params2.len ||
- memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 )
+ ( sig_params1.len != 0 &&
+ memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
{
x509_crt_free( crt );
return( POLARSSL_ERR_X509_SIG_MISMATCH );