OSSL_PARAM_BLD and BIGNUM; ensure at least one byte is allocated

A zero BIGNUM contains zero bytes, while OSSL_PARAMs with an INTEGER (or UNSIGNED INTEGER) data type are expected to have at least one data byte allocated, containing a zero. This wasn't handled correctly. Fixes #20011 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20013) (cherry picked from commit c455f87aebf245814ba58d6a398b45ca4e80d1d7) (cherry picked from commit e33c37aead7e7dd5647d949db7be875c8fa8c137)
author: Richard Levitte <levitte@openssl.org> 2023-01-10 08:27:44 +0100
committer: Richard Levitte <levitte@openssl.org> 2023-01-11 23:53:02 +0100
commit: 1932e595c8061bcb8d2718eaf5fdb6038bdec631 (patch)
tree: 27c9664c727543461450e190cab4993af58b4f59 /crypto
parent: f51b4ebb07948d942cd6536fe48e325655349d97 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/param_build.c b/crypto/param_build.c
index eaece0026d..11f2fb69cc 100644
--- a/crypto/param_build.c
+++ b/crypto/param_build.c
@@ -221,6 +221,10 @@ int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
         }
         if (BN_get_flags(bn, BN_FLG_SECURE) == BN_FLG_SECURE)
             secure = 1;
+
+        /* The BIGNUM is zero, we must transfer at least one byte */
+        if (sz == 0)
+            sz++;
     }
     pd = param_push(bld, key, sz, sz, OSSL_PARAM_UNSIGNED_INTEGER, secure);
     if (pd == NULL)
author	Richard Levitte <levitte@openssl.org>	2023-01-10 08:27:44 +0100
committer	Richard Levitte <levitte@openssl.org>	2023-01-11 23:53:02 +0100
commit	1932e595c8061bcb8d2718eaf5fdb6038bdec631 (patch)
tree	27c9664c727543461450e190cab4993af58b4f59 /crypto
parent	f51b4ebb07948d942cd6536fe48e325655349d97 (diff)