Commit 4dca3082f8 for openssl.org
commit 4dca3082f8fd1acd80424271cbcd834ac1229461
Author: Bob Beck <beck@openssl.org>
Date: Thu Apr 30 13:27:32 2026 -0600
Fix potential UB memcmps in obj_dat.c
By calling the real OBJ_cmp
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
MergeDate: Thu May 7 18:14:54 2026
(Merged from https://github.com/openssl/openssl/pull/31048)
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index e30ce1c462..8bb029ac32 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -162,8 +162,7 @@ static unsigned long added_obj_hash(const ADDED_OBJ *ca)
*/
static int obj_equivalent(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
{
- return a->length == b->length
- && memcmp(a->data, b->data, (size_t)a->length) == 0
+ return OBJ_cmp(a, b) == 0
&& (a->sn == NULL) == (b->sn == NULL)
&& strcmp(a->sn ? a->sn : "", b->sn ? b->sn : "") == 0
&& (a->ln == NULL) == (b->ln == NULL)
@@ -182,10 +181,7 @@ static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
b = cb->obj;
switch (ca->type) {
case ADDED_DATA:
- i = (a->length - b->length);
- if (i)
- return i;
- return memcmp(a->data, b->data, (size_t)a->length);
+ return OBJ_cmp(a, b);
case ADDED_SNAME:
if (a->sn == NULL)
return -1;
@@ -296,16 +292,7 @@ const char *OBJ_nid2ln(int n)
static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp)
{
- int j;
- const ASN1_OBJECT *a = *ap;
- const ASN1_OBJECT *b = &nid_objs[*bp];
-
- j = (a->length - b->length);
- if (j)
- return j;
- if (a->length == 0)
- return 0;
- return memcmp(a->data, b->data, a->length);
+ return OBJ_cmp(*ap, &nid_objs[*bp]);
}
IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);