From: Kurt Roeckx <kurt@roeckx.be>
Date: Thu, 15 Dec 2016 19:23:52 +0000 (+0100)
Subject: Don't call memcpy with NULL as source
X-Git-Tag: OpenSSL_1_1_1-pre1~2842
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=eeab356c298248108b82157ef51172ba040646f7;p=openssl

Don't call memcpy with NULL as source

Calling it with lenght 0 and NULL as source is undefined behaviour.

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #2089
---

diff --git a/crypto/bn/bn_intern.c b/crypto/bn/bn_intern.c
index 9227b6e241..2c970647de 100644
--- a/crypto/bn/bn_intern.c
+++ b/crypto/bn/bn_intern.c
@@ -167,7 +167,8 @@ int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size)
         return 0;
 
     memset(out, 0, sizeof(*out) * size);
-    memcpy(out, in->d, sizeof(*out) * in->top);
+    if (in->d != NULL)
+        memcpy(out, in->d, sizeof(*out) * in->top);
     return 1;
 }