Fix uni2asc() so it can properly convert zero length

unicode strings. Certain PKCS#12 files contain these
in BMPStrings and it used to crash on them.

diff --git a/CHANGES b/CHANGES
index 75fdcc509b48aa10757e8ffcce1cb4005ef9f975..e5371b98dc76c0bb30e021f1be541d77f52a6d1a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,10 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Fix to uni2asc() to cope with zero length Unicode strings.
+     These are present in some PKCS#12 files.
+     [Steve Henson]
+
   *) Finish off removing the remaining LHASH function pointer casts.
      There should no longer be any prototype-casting required when using
      the LHASH abstraction, and any casts that remain are "bugs". See

diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
index 2c2166e8d7e73f2207f97722a62e6546b57c78e9..8ed3e0d0c7ed20f34625d7c07af3df393954d8d1 100644 (file)
--- a/crypto/pkcs12/p12_utl.c
+++ b/crypto/pkcs12/p12_utl.c
@@ -83,7 +83,7 @@ char *uni2asc (unsigned char *uni, int unilen)
        char *asctmp;
        asclen = unilen / 2;
        /* If no terminating zero allow for one */
-       if (uni[unilen - 1]) asclen++;
+       if (!unilen || uni[unilen - 1]) asclen++;
        uni++;
        if (!(asctmp = OPENSSL_malloc (asclen))) return NULL;
        for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i];