boringssl/crypto/buf
Adam Langley 82aa28fa81 Make |BUF_memdup| look for zero length, not NULL.
BUF_memdup tries to avoid mallocing zero bytes (and thus unduly
returning an error for a NULL return value) by testing whether the input
buffer is NULL. This goes back to the original OpenSSL code.

However, when |ext_npn_parse_serverhello| tries to use |BUF_memdup| to
copy an NPN value returned by a callback, some callbacks just set the
output /length/ to zero to indicate an empty value. Thus, when
|BUF_memdup| tests the pointer, it's an uninitialised value and MSan
throws an error.

Since passing a NULL pointer to |BUF_memdup| better imply that the
length is zero, while the reverse empirically isn't true, testing the
length seems safer.

Change-Id: I06626f7dfb761de631fd997bda60057b76b8da94
2015-10-06 18:11:33 -07:00
..
buf.c Make |BUF_memdup| look for zero length, not NULL. 2015-10-06 18:11:33 -07:00
CMakeLists.txt