Commit d0808664 authored Mar 03, 2017 by Matt Caswell

Ensure we don't call memcpy with a NULL pointer



Commit d5aa14dd simplified the bn_expand_internal() and BN_copy() functions.
Unfortunately it also removed some checks which are still required,
otherwise we call memcpy passing in NULL which is not allowed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2836)

parent 8336ca13

crypto/bn/bn_lib.c

+4 −2

Original line number	Diff line number	Diff line
		@@ -267,6 +267,7 @@ static BN_ULONG bn_expand_internal(const BIGNUM b, int words)
		}

		assert(b->top <= words);
		if (b->top > 0)
		memcpy(a, b->d, sizeof(a) b->top);

		return a;
		@@ -328,6 +329,7 @@ BIGNUM BN_copy(BIGNUM a, const BIGNUM *b)
		if (bn_wexpand(a, b->top) == NULL)
		return NULL;

		if (b->top > 0)
		memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);

		a->top = b->top;