Avoid null pointer write in FFI

If a function returning variable length output was called with a null output buffer but a non-zero output buffer length, FFI layer would call memset(nullptr, 0, buffer_len) and crash. Caught by Coverity.
author: Jack Lloyd <[email protected]> 2018-09-28 12:27:48 -0400
committer: Jack Lloyd <[email protected]> 2018-09-28 12:27:48 -0400
commit: d213317da6065e3c1a149fac33fd16db500b60f6 (patch)
tree: 6d0347857a3f720648c867554abff72163de53cb /src/lib/ffi/ffi_util.h
parent: b9fa8833edf13f0535aa57b53528992198f639fe (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/ffi/ffi_util.h b/src/lib/ffi/ffi_util.h
index 684b25870..f72af0a63 100644
--- a/src/lib/ffi/ffi_util.h
+++ b/src/lib/ffi/ffi_util.h
@@ -128,7 +128,10 @@ inline int write_output(uint8_t out[], size_t* out_len, const uint8_t buf[], siz
       }
    else
       {
-      Botan::clear_mem(out, avail);
+      if(out != nullptr)
+         {
+         Botan::clear_mem(out, avail);
+         }
       return BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE;
       }
    }
author	Jack Lloyd <[email protected]>	2018-09-28 12:27:48 -0400
committer	Jack Lloyd <[email protected]>	2018-09-28 12:27:48 -0400
commit	d213317da6065e3c1a149fac33fd16db500b60f6 (patch)
tree	6d0347857a3f720648c867554abff72163de53cb /src/lib/ffi/ffi_util.h
parent	b9fa8833edf13f0535aa57b53528992198f639fe (diff)