Merge remote-tracking branch 'origin/pr/2793' into mbedtls-2.16 * origin/pr/2793: Changelog entry Check for zero length and NULL buffer pointer

commit: 71db1de2263ead8f42a8d6124ea14818deac11d8 [log] [tgz]
author: Jaeden Amero <jaeden.amero@arm.com> Thu Sep 05 15:57:34 2019 +0100
committer: Jaeden Amero <jaeden.amero@arm.com> Thu Sep 05 15:57:34 2019 +0100
tree: 17f05db24bdecd9af0127d2506f6d9fbcc2d3476
parent: f09a120b08aecd3fdbddacbb283e91a84ddcd9d5 [diff]
parent: cc9135f42e597bfc75bce3b2531580471a230731 [diff]
diff --git a/ChangeLog b/ChangeLog
index 9c980ae..134253d 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -28,6 +28,8 @@
    * Improve code clarity in x509_crt module, removing false-positive
      uninitialized variable warnings on some recent toolchains (GCC8, etc).
      Discovered and fixed by Andy Gross (Linaro), #2392.
+   * Zero length buffer check for undefined behavior in
+     mbedtls_platform_zeroize(). Fixes ARMmbed/mbed-crypto#49.
 
 Changes
    * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h

diff --git a/library/platform_util.c b/library/platform_util.c
index 756e226..b1f7450 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c

@@ -72,7 +72,10 @@
 
 void mbedtls_platform_zeroize( void *buf, size_t len )
 {
-    memset_func( buf, 0, len );
+    MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL );
+
+    if( len > 0 )
+        memset_func( buf, 0, len );
 }
 #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
commit	71db1de2263ead8f42a8d6124ea14818deac11d8	[log] [tgz]
author	Jaeden Amero <jaeden.amero@arm.com>	Thu Sep 05 15:57:34 2019 +0100
committer	Jaeden Amero <jaeden.amero@arm.com>	Thu Sep 05 15:57:34 2019 +0100
tree	17f05db24bdecd9af0127d2506f6d9fbcc2d3476
parent	f09a120b08aecd3fdbddacbb283e91a84ddcd9d5 [diff]
parent	cc9135f42e597bfc75bce3b2531580471a230731 [diff]