Make the -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION pass tests

Fixes #16428 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/16433)
2025-03-31 20:10:45 +08:00 · 2021-08-26 15:08:15 +02:00 · 2021-08-26 15:08:15 +02:00 · 72a509f94f
commit 72a509f94f
parent 6922255225
3 changed files with 13 additions and 7 deletions
--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@ -18,12 +18,13 @@ int ASN1_PRINTABLE_type(const unsigned char *s, int len)
    int ia5 = 0;
    int t61 = 0;

-    if (len <= 0)
-        len = -1;
    if (s == NULL)
        return V_ASN1_PRINTABLESTRING;

-    while ((*s) && (len-- != 0)) {
+    if (len < 0)
+        len = strlen((const char *)s);
+
+    while (len-- > 0) {
        c = *(s++);
        if (!ossl_isasn1print(c))
            ia5 = 1;
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@ -303,7 +303,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in)
        c = str->data;
 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        /* No NUL terminator in fuzzing builds */
-        str->data = OPENSSL_realloc(c, len);
+        str->data = OPENSSL_realloc(c, len != 0 ? len : 1);
 #else
        str->data = OPENSSL_realloc(c, len + 1);
 #endif
@ -316,7 +316,11 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len_in)
    str->length = len;
    if (data != NULL) {
        memcpy(str->data, data, len);
-#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+        /* Set the unused byte to something non NUL and printable. */
+        if (len == 0)
+            str->data[len] = '~';
+#else
        /*
         * Add a NUL terminator. This should not be necessary - but we add it as
         * a safety precaution
@ -384,7 +388,8 @@ int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)

    i = (a->length - b->length);
    if (i == 0) {
-        i = memcmp(a->data, b->data, a->length);
+        if (a->length != 0)
+            i = memcmp(a->data, b->data, a->length);
        if (i == 0)
            return a->type - b->type;
        else
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@ -229,7 +229,7 @@ static int ssl_session_strndup(char **pdst, ASN1_OCTET_STRING *src)
 static int ssl_session_memcpy(unsigned char *dst, size_t *pdstlen,
                              ASN1_OCTET_STRING *src, size_t maxlen)
 {
-    if (src == NULL) {
+    if (src == NULL || src->length == 0) {
        *pdstlen = 0;
        return 1;
    }