From 369e93398b68b8a328e6c1d766222b2d281ef016 Mon Sep 17 00:00:00 2001
From: Kurt Roeckx <kurt@roeckx.be>
Date: Thu, 26 May 2016 18:40:32 +0200
Subject: [PATCH] Avoid calling memcpy with lenght of 0

We can call memcpy() with a pointer 1 past the last allocated byte and length
of 0 and you can argue that that's undefined behaviour.

Reported by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1132
---
 crypto/asn1/a_bitstr.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index 2f0d8f8c2d..33be907f9d 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -66,10 +66,11 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
 
     *(p++) = (unsigned char)bits;
     d = a->data;
-    memcpy(p, d, len);
-    p += len;
-    if (len > 0)
+    if (len > 0) {
+        memcpy(p, d, len);
+        p += len;
         p[-1] &= (0xff << bits);
+    }
     *pp = p;
     return (ret);
 }
-- 
2.34.1