bin2bn(): When len==0, just return a zero BIGNUM

This allows calls with s==NULL and len==0 to be safe. It probably already was, but address sanitizers could still complain. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20033)
author: Richard Levitte <levitte@openssl.org> 2023-01-12 10:17:01 +0100
committer: Hugo Landau <hlandau@openssl.org> 2023-01-20 07:38:30 +0000
commit: 1b24b5a1b43c2af0a6c1cb2d196f5132ee723488 (patch)
tree: aa0bca5897bb232450a806311e3959dfea031ed0 /crypto/bn
parent: 7331e7ef79fe4499d81cc92249e9c97e9ff9291a (diff)
download: openssl-new-1b24b5a1b43c2af0a6c1cb2d196f5132ee723488.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 4fe6ce071a..9d665c26fc 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -447,6 +447,15 @@ static BIGNUM *bin2bn(const unsigned char *s, int len, BIGNUM *ret,
     bn_check_top(ret);
 
     /*
+     * If the input has no bits, the number is considered zero.
+     * This makes calls with s==NULL and len==0 safe.
+     */
+    if (len == 0) {
+        BN_clear(ret);
+        return ret;
+    }
+
+    /*
      * The loop that does the work iterates from least to most
      * significant BIGNUM chunk, so we adapt parameters to transfer
      * input bytes accordingly.
author	Richard Levitte <levitte@openssl.org>	2023-01-12 10:17:01 +0100
committer	Hugo Landau <hlandau@openssl.org>	2023-01-20 07:38:30 +0000
commit	1b24b5a1b43c2af0a6c1cb2d196f5132ee723488 (patch)
tree	aa0bca5897bb232450a806311e3959dfea031ed0 /crypto/bn
parent	7331e7ef79fe4499d81cc92249e9c97e9ff9291a (diff)
download	openssl-new-1b24b5a1b43c2af0a6c1cb2d196f5132ee723488.tar.gz