diff options
author | Jack Lloyd <[email protected]> | 2018-09-28 12:27:48 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-09-28 12:27:48 -0400 |
commit | d213317da6065e3c1a149fac33fd16db500b60f6 (patch) | |
tree | 6d0347857a3f720648c867554abff72163de53cb /src/tests | |
parent | b9fa8833edf13f0535aa57b53528992198f639fe (diff) |
Avoid null pointer write in FFI
If a function returning variable length output was called with a
null output buffer but a non-zero output buffer length, FFI layer
would call memset(nullptr, 0, buffer_len) and crash.
Caught by Coverity.
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/test_ffi.cpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index 6687697cb..aca2dbfb9 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -328,6 +328,9 @@ class FFI_Unit_Tests final : public Test size_t date_len = 0; TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_time_starts, (cert, nullptr, &date_len)); + date_len = 8; + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_time_starts, (cert, nullptr, &date_len)); + std::string date(date_len - 1, '0'); TEST_FFI_OK(botan_x509_cert_get_time_starts, (cert, &date[0], &date_len)); result.test_eq("cert valid from", date, "070719152718Z"); |