[openssl] master update
tomas at openssl.org
tomas at openssl.org
Tue Oct 19 10:16:30 UTC 2021
The branch master has been updated
via a98b26588b683eb024ab81f3bb3549c43acd5188 (commit)
from 5fdc95e443b4d62a3d1f7094ae6d6ae4682b77e0 (commit)
- Log -----------------------------------------------------------------
commit a98b26588b683eb024ab81f3bb3549c43acd5188
Author: jwalch <jeremy.walch at gmail.com>
Date: Fri Oct 15 19:03:17 2021 -0400
Avoid NULL+X UB in bss_mem.c
Fixes #16816
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16818)
-----------------------------------------------------------------------
Summary of changes:
crypto/bio/bss_mem.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 7e501762bb..9153c1f1cd 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -254,7 +254,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
bm = bbm->readp;
bo = bbm->buf;
}
- off = bm->data - bo->data;
+ off = (bm->data == bo->data) ? 0 : bm->data - bo->data;
remain = bm->length;
switch (cmd) {
@@ -277,7 +277,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
if (num < 0 || num > off + remain)
return -1; /* Can't see outside of the current buffer */
- bm->data = bo->data + num;
+ bm->data = (num != 0) ? bo->data + num : bo->data;
bm->length = bo->length - num;
bm->max = bo->max - num;
off = num;
More information about the openssl-commits
mailing list