summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKurt Roeckx <kurt@roeckx.be>2016-06-19 14:16:16 +0200
committerKurt Roeckx <kurt@roeckx.be>2016-06-21 20:55:54 +0200
commit01238aec4071eabf072f4e98e3fb84cbab3c7107 (patch)
treea09753990785e9f064b03d3b8181f6b7109ddcdc
parent28bd8e945ff0bf50183af2481cc36180fbccaedb (diff)
downloadopenssl-new-01238aec4071eabf072f4e98e3fb84cbab3c7107.tar.gz
buf2hexstr: properly deal with empty string
It wrote before the start of the string found by afl Reviewed-by: Richard Levitte <levitte@openssl.org> MR: #2994
-rw-r--r--crypto/o_str.c7
-rw-r--r--doc/crypto/OPENSSL_malloc.pod2
2 files changed, 7 insertions, 2 deletions
diff --git a/crypto/o_str.c b/crypto/o_str.c
index 29c324f474..beabec0ddc 100644
--- a/crypto/o_str.c
+++ b/crypto/o_str.c
@@ -198,7 +198,12 @@ char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len)
const unsigned char *p;
int i;
- if ((tmp = OPENSSL_malloc(len * 3 + 1)) == NULL) {
+ if (len == 0)
+ {
+ return OPENSSL_zalloc(1);
+ }
+
+ if ((tmp = OPENSSL_malloc(len * 3)) == NULL) {
CRYPTOerr(CRYPTO_F_OPENSSL_BUF2HEXSTR, ERR_R_MALLOC_FAILURE);
return NULL;
}
diff --git a/doc/crypto/OPENSSL_malloc.pod b/doc/crypto/OPENSSL_malloc.pod
index ba50221f1c..5d254f7b90 100644
--- a/doc/crypto/OPENSSL_malloc.pod
+++ b/doc/crypto/OPENSSL_malloc.pod
@@ -124,7 +124,7 @@ An odd number of hex digits is an error.
OPENSSL_buf2hexstr() takes the specified buffer and length, and returns
a hex string for value, or NULL on error.
-B<Buffer> cannot be NULL; if B<len> is NULL an empty string is returned.
+B<Buffer> cannot be NULL; if B<len> is 0 an empty string is returned.
OPENSSL_hexchar2int() converts a character to the hexadecimal equivalent,
or returns -1 on error.