From f5016d88dd5a9c651162c137ecade04da72a4705 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 16 Sep 2015 23:51:57 +0200 Subject: [PATCH] Prevent undefined behavior Don't call XMEMCPY() in case info (the source parameter to memcpy) is NULL as this would trigger UB --- src/misc/hkdf/hkdf.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/misc/hkdf/hkdf.c b/src/misc/hkdf/hkdf.c index b6f24a0..3682bf8 100644 --- a/src/misc/hkdf/hkdf.c +++ b/src/misc/hkdf/hkdf.c @@ -61,7 +61,9 @@ int hkdf_expand(int hash_idx, const unsigned char *info, unsigned long infolen, if (T == NULL) { return CRYPT_MEM; } - XMEMCPY(T + hashsize, info, infolen); + if (info != NULL) { + XMEMCPY(T + hashsize, info, infolen); + } /* HMAC data T(1) doesn't include a previous hash value */ dat = T + hashsize;