Work around language and compiler bug in memcpy, etc.
Most C standard library functions are undefined if passed NULL, even
when the corresponding length is zero. This gives them (and, in turn,
all functions which call them) surprising behavior on empty arrays.
Some compilers will miscompile code due to this rule. See also
https://www.imperialviolet.org/2016/06/26/nonnull.html
Add OPENSSL_memcpy, etc., wrappers which avoid this problem.
BUG=23
Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e
Reviewed-on: https://boringssl-review.googlesource.com/12928
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 7cdc294..bf82e08 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -144,8 +144,10 @@
#include <openssl/md5.h>
#include <openssl/nid.h>
+#include "../crypto/internal.h"
#include "internal.h"
+
static int ssl3_prf(const SSL *ssl, uint8_t *out, size_t out_len,
const uint8_t *secret, size_t secret_len, const char *label,
size_t label_len, const uint8_t *seed1, size_t seed1_len,
@@ -194,7 +196,7 @@
EVP_DigestUpdate(&md5, smd, SHA_DIGEST_LENGTH);
if (i + MD5_DIGEST_LENGTH > out_len) {
EVP_DigestFinal_ex(&md5, smd, NULL);
- memcpy(out, smd, out_len - i);
+ OPENSSL_memcpy(out, smd, out_len - i);
} else {
EVP_DigestFinal_ex(&md5, out, NULL);
}
@@ -269,7 +271,8 @@
if (!BUF_MEM_grow(ssl->s3->handshake_buffer, new_len)) {
return 0;
}
- memcpy(ssl->s3->handshake_buffer->data + new_len - in_len, in, in_len);
+ OPENSSL_memcpy(ssl->s3->handshake_buffer->data + new_len - in_len, in,
+ in_len);
}
if (EVP_MD_CTX_md(&ssl->s3->handshake_hash) != NULL) {
