Allow zero-length HKDF keys

When making a copy to keep in the EVP_PKEY_CTX, allocate a single byte for the cached key instead of letting memdup return NULL and cause the call to fail. The length still gets set to zero properly, so we don't end up inspecting the allocated byte, but it's important to have a non-NULL pointer set.
tmshort · Dec 11, 2020 · 93f2e10 · 93f2e10
1 parent 232c9a1
commit 93f2e10
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c
@@ -107,7 +107,10 @@ static int pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
         if (kctx->key != NULL)
             OPENSSL_clear_free(kctx->key, kctx->key_len);
 
-        kctx->key = OPENSSL_memdup(p2, p1);
+        if (p1 == 0)
+            kctx->key = OPENSSL_zalloc(1);
+        else
+            kctx->key = OPENSSL_memdup(p2, p1);
         if (kctx->key == NULL)
             return 0;