diff options
author | Matt Caswell <matt@openssl.org> | 2018-05-16 11:59:47 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-05-21 10:22:11 +0100 |
commit | 511190b691183a1fb160e7e05e2974dc73cab0c6 (patch) | |
tree | d55f3c42f3b8f796f08e4dffd924e5ce553f4298 | |
parent | 246bd8fd0507f4555432c148eed5a9322c113bf5 (diff) | |
download | openssl-511190b691183a1fb160e7e05e2974dc73cab0c6.tar.gz |
Fix undefined behaviour in X509_NAME_cmp()
If the lengths of both names is 0 then don't attempt to do a memcmp.
Issue reported by Simon Friedberger, Robert Merget and Juraj Somorovsky.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6291)
-rw-r--r-- | crypto/x509/x509_cmp.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 3d4931be4e..67c187229e 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -173,7 +173,7 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) ret = a->canon_enclen - b->canon_enclen; - if (ret) + if (ret != 0 || a->canon_enclen == 0) return ret; return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); |