BN API: fix BN_bin2bn to handle NULL data properly

BN_bin2bn was freeing the BN and returning it. Added test for this.
philljj · Oct 16, 2024 · 64a9e6f · 64a9e6f
1 parent 0f8b4db
commit 64a9e6f
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/src/ssl_bn.c b/src/ssl_bn.c
@@ -516,12 +516,14 @@ WOLFSSL_BIGNUM* wolfSSL_BN_bin2bn(const unsigned char* data, int len,
                 ret = NULL;
             }
             else {
-                /* Don't free bn as we may be returning it. */
+                /* Don't free bn as we are returning it. */
                 bn = NULL;
             }
         }
         else if (data == NULL) {
             wolfSSL_BN_zero(ret);
+            /* Don't free bn as we are returning it. */
+            bn = NULL;
         }
     }
 

diff --git a/tests/api.c b/tests/api.c
@@ -61606,6 +61606,11 @@ static int test_wolfSSL_BN_enc_dec(void)
     ExpectNull(BN_bn2dec(NULL));
     ExpectNull(BN_bn2dec(&emptyBN));
 
+    ExpectNotNull(c = BN_bin2bn(NULL, 0, NULL));
+    BN_clear(c);
+    BN_free(c);
+    c = NULL;
+
     ExpectNotNull(BN_bin2bn(NULL, sizeof(binNum), a));
     BN_free(a);
     ExpectNotNull(a = BN_new());