Deal with BUF_MEM_grow ambiguity

BUF_MEM_grow() returns the passed length, but also zero on error. If the passed length was zero, an extra check to see if a returned zero was an error or not is needed. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9662)
author: Richard Levitte <levitte@openssl.org> 2019-08-30 16:54:47 +0200
committer: Pauli <paul.dale@oracle.com> 2019-09-06 19:27:57 +1000
commit: 53598b22987faead115463bf8bd027cd8f794cf3 (patch)
tree: 1431b397cc4de4cac2b54879afc2764b08caa764 /crypto
parent: ea643c959f626fd3860b8aa49b42fd0b96e71492 (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/crypto/evp/pkey_kdf.c b/crypto/evp/pkey_kdf.c
index f4a6093bb1..f4cf40e6f4 100644
--- a/crypto/evp/pkey_kdf.c
+++ b/crypto/evp/pkey_kdf.c
@@ -83,9 +83,16 @@ static int collect(BUF_MEM **collector, void *data, size_t datalen)
     }
 
     i = (*collector)->length; /* BUF_MEM_grow() changes it! */
-    if (!BUF_MEM_grow(*collector, i + datalen))
+    /*
+     * The i + datalen check is to distinguish between BUF_MEM_grow()
+     * signaling an error and BUF_MEM_grow() simply returning the (zero)
+     * length.
+     */
+    if (!BUF_MEM_grow(*collector, i + datalen)
+        && i + datalen != 0)
         return 0;
-    memcpy((*collector)->data + i, data, datalen);
+    if (data != NULL)
+        memcpy((*collector)->data + i, data, datalen);
     return 1;
 }
author	Richard Levitte <levitte@openssl.org>	2019-08-30 16:54:47 +0200
committer	Pauli <paul.dale@oracle.com>	2019-09-06 19:27:57 +1000
commit	53598b22987faead115463bf8bd027cd8f794cf3 (patch)
tree	1431b397cc4de4cac2b54879afc2764b08caa764 /crypto
parent	ea643c959f626fd3860b8aa49b42fd0b96e71492 (diff)