Don't pass NULL,0 to qsort.

qsort shares the same C language bug as mem*. Two of our calls may see
zero-length lists. This trips UBSan.

Change-Id: Id292dd277129881001eb57b1b2db78438cf4642e
Reviewed-on: https://boringssl-review.googlesource.com/c/34447
Reviewed-by: Adam Langley <agl@google.com>

crypto/stack/stack.c

@@ -358,8 +358,6 @@ err:
 }
 
 void sk_sort(_STACK *sk) {
-  int (*comp_func)(const void *,const void *);
-
   if (sk == NULL || sk->comp == NULL || sk->sorted) {
     return;
   }
@@ -370,8 +368,11 @@ void sk_sort(_STACK *sk) {
   // e.g., CFI does not notice. Unfortunately, |qsort| is missing a void*
   // parameter in its callback and |qsort_s| / |qsort_r| are a mess of
   // incompatibility.
-  comp_func = (int (*)(const void *, const void *))(sk->comp);
+  if (sk->num >= 2) {
+    int (*comp_func)(const void *, const void *) =
+        (int (*)(const void *, const void *))(sk->comp);
     qsort(sk->data, sk->num, sizeof(void *), comp_func);
+  }
   sk->sorted = 1;
 }
 

ssl/ssl_privkey.cc

@@ -553,6 +553,10 @@ static int compare_uint16_t(const void *p1, const void *p2) {
 }
 
 static bool sigalgs_unique(Span<const uint16_t> in_sigalgs) {
+  if (in_sigalgs.size() < 2) {
+    return true;
+  }
+
   Array<uint16_t> sigalgs;
   if (!sigalgs.CopyFrom(in_sigalgs)) {
     return false;