Merge #879: Avoid passing out-of-bound pointers to 0-size memcpy

real-or-random · real-or-random · commit 8ae56e33e749 · 2021-06-16T10:22:03.000+02:00
9570f67 Avoid passing out-of-bound pointers to 0-size memcpy (Pieter Wuille) Pull request description: Doing so could be considered UB in a pedantic interpretation of the standard. Avoid it. Closes #876. ACKs for top commit: practicalswift: cr ACK 9570f67: patch looks correct real-or-random: ACK 9570f67 Tree-SHA512: f991462d72e39f14e609021b8427c2e6756009bc8cd21efca2da46ec9410250725a4fed662df20fcdcfd10a4dc59038f13e8c166362b2eadde4366586b9ca72b
diff --git a/contrib/lax_der_parsing.c b/contrib/lax_der_parsing.c
@@ -120,7 +120,7 @@ int ecdsa_signature_parse_der_lax(const secp256k1_context* ctx, secp256k1_ecdsa_
     /* Copy R value */
     if (rlen > 32) {
         overflow = 1;
-    } else {
+    } else if (rlen) {
         memcpy(tmpsig + 32 - rlen, input + rpos, rlen);
     }
 
@@ -132,7 +132,7 @@ int ecdsa_signature_parse_der_lax(const secp256k1_context* ctx, secp256k1_ecdsa_
     /* Copy S value */
     if (slen > 32) {
         overflow = 1;
-    } else {
+    } else if (slen) {
         memcpy(tmpsig + 64 - slen, input + spos, slen);
     }
 
diff --git a/contrib/lax_der_privatekey_parsing.c b/contrib/lax_der_privatekey_parsing.c
@@ -44,7 +44,7 @@ int ec_privkey_import_der(const secp256k1_context* ctx, unsigned char *out32, co
     if (end < privkey+2 || privkey[0] != 0x04 || privkey[1] > 0x20 || end < privkey+2+privkey[1]) {
         return 0;
     }
-    memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);
+    if (privkey[1]) memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);
     if (!secp256k1_ec_seckey_verify(ctx, out32)) {
         memset(out32, 0, 32);
         return 0;
diff --git a/src/ecdsa_impl.h b/src/ecdsa_impl.h
@@ -140,7 +140,7 @@ static int secp256k1_der_parse_integer(secp256k1_scalar *r, const unsigned char
         overflow = 1;
     }
     if (!overflow) {
-        memcpy(ra + 32 - rlen, *sig, rlen);
+        if (rlen) memcpy(ra + 32 - rlen, *sig, rlen);
         secp256k1_scalar_set_b32(r, ra, &overflow);
     }
     if (overflow) {

Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ int ec_privkey_import_der(const secp256k1_context* ctx, unsigned char *out32, co`
`44`	`44`	`if (end < privkey+2 \|\| privkey[0] != 0x04 \|\| privkey[1] > 0x20 \|\| end < privkey+2+privkey[1]) {`
`45`	`45`	`return 0;`
`46`	`46`	`}`
`47`		`- memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);`
	`47`	`+ if (privkey[1]) memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);`
`48`	`48`	`if (!secp256k1_ec_seckey_verify(ctx, out32)) {`
`49`	`49`	`memset(out32, 0, 32);`
`50`	`50`	`return 0;`
Original file line number	Diff line number	Diff line change
`@@ -140,7 +140,7 @@ static int secp256k1_der_parse_integer(secp256k1_scalar *r, const unsigned char`
`140`	`140`	`overflow = 1;`
`141`	`141`	`}`
`142`	`142`	`if (!overflow) {`
`143`		`- memcpy(ra + 32 - rlen, *sig, rlen);`
	`143`	`+ if (rlen) memcpy(ra + 32 - rlen, *sig, rlen);`
`144`	`144`	`secp256k1_scalar_set_b32(r, ra, &overflow);`
`145`	`145`	`}`
`146`	`146`	`if (overflow) {`