[master] 84813b20d Do not call VSHA256Update() for zero length input

Nils Goroll nils.goroll at uplex.de
Mon Nov 25 15:01:05 UTC 2024


commit 84813b20db2b83aad2c89567eb30460ec620b496
Author: Nils Goroll <nils.goroll at uplex.de>
Date:   Mon Nov 25 15:59:35 2024 +0100

    Do not call VSHA256Update() for zero length input
    
    Should address an ASAN complaint via CCI:
    
    vsha256.c:298:3: runtime error: null pointer passed as argument 2, which is declared to never be null
    
    https://app.circleci.com/pipelines/github/varnishcache/varnish-cache/6494/workflows/6c831825-db4d-4dbb-a071-efdee38996ff/jobs/83887?invite=true#step-102-217155_51

diff --git a/vmod/vmod_debug_filters.c b/vmod/vmod_debug_filters.c
index 68fbb5566..53777996d 100644
--- a/vmod/vmod_debug_filters.c
+++ b/vmod/vmod_debug_filters.c
@@ -463,7 +463,8 @@ xyzzy_chksha256_bytes(struct vdp_ctx *vdc, enum vdp_action act, void **priv,
 	struct vdp_chksha256_s *vdps;
 
 	CAST_OBJ_NOTNULL(vdps, *priv, VDP_CHKSHA256_MAGIC);
-	VSHA256_Update(vdps->cx, ptr, len);
+	if (len != 0)
+		VSHA256_Update(vdps->cx, ptr, len);
 	vdps->called++;
 	vdps->bytes += len;
 	return (VDP_bytes(vdc, act, ptr, len));


More information about the varnish-commit mailing list