From 349c23dbb7a4f3ffe29f3c9deff418aab6266fd0 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 10 Jan 2023 13:51:49 +1100
Subject: [PATCH] Accept 'in=NULL' with 'inlen=0' in isc_{half}siphash24

Arthimetic on NULL pointers is undefined.  Avoid arithmetic operations
when 'in' is NULL and require 'in' to be non-NULL if 'inlen' is not zero.
---
 lib/isc/siphash.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/isc/siphash.c b/lib/isc/siphash.c
index 179e9f31a8..46bd5de70a 100644
--- a/lib/isc/siphash.c
+++ b/lib/isc/siphash.c
@@ -78,6 +78,7 @@ isc_siphash24(const uint8_t *k, const uint8_t *in, const size_t inlen,
 	      bool case_sensitive, uint8_t *out) {
 	REQUIRE(k != NULL);
 	REQUIRE(out != NULL);
+	REQUIRE(inlen == 0 || in != NULL);
 
 	uint64_t k0 = ISC_U8TO64_LE(k);
 	uint64_t k1 = ISC_U8TO64_LE(k + 8);
@@ -89,7 +90,9 @@ isc_siphash24(const uint8_t *k, const uint8_t *in, const size_t inlen,
 
 	uint64_t b = ((uint64_t)inlen) << 56;
 
-	const uint8_t *end = in + inlen - (inlen % sizeof(uint64_t));
+	const uint8_t *end = (in == NULL)
+				     ? NULL
+				     : in + inlen - (inlen % sizeof(uint64_t));
 	const size_t left = inlen & 7;
 
 	for (; in != end; in += 8) {
@@ -158,6 +161,7 @@ isc_halfsiphash24(const uint8_t *k, const uint8_t *in, const size_t inlen,
 		  bool case_sensitive, uint8_t *out) {
 	REQUIRE(k != NULL);
 	REQUIRE(out != NULL);
+	REQUIRE(inlen == 0 || in != NULL);
 
 	uint32_t k0 = ISC_U8TO32_LE(k);
 	uint32_t k1 = ISC_U8TO32_LE(k + 4);
@@ -169,7 +173,9 @@ isc_halfsiphash24(const uint8_t *k, const uint8_t *in, const size_t inlen,
 
 	uint32_t b = ((uint32_t)inlen) << 24;
 
-	const uint8_t *end = in + inlen - (inlen % sizeof(uint32_t));
+	const uint8_t *end = (in == NULL)
+				     ? NULL
+				     : in + inlen - (inlen % sizeof(uint32_t));
 	const int left = inlen & 3;
 
 	for (; in != end; in += 4) {