Undefined behavior (applying zero offset to null pointer) when calling gcm_process

[YuaaCindy]

Hello.
I'm using latest libtomcrypt on Ubuntu 20.04. I compiled it with clang++10.0.0 and ubsan.
When executing the following testfile, ubsan detected a runtime error (applying zero offset to null pointer) when calling gcm_process.

#include <tomcrypt.h>
#include <vector>
#include <stdint.h>
#include <cstdio>
using namespace std;

int main(){
    gcm_state gcm;
    const uint8_t key[] =  {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd7, 0xea, 0x31, 0x29, 0xbd, 0x82, 0x2e, 0xf9};
    const uint8_t text[] =  {0x9b, 0x6b, 0x6a, 0x5c, 0x1f, 0x0c, 0x5b, 0x7b,} ;
    const uint8_t iv[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0xf2, 0xda};
    register_all_ciphers();
    int idx= find_cipher("aes");
    uint8_t out[32]={0};
    int err = 0;
    if(gcm_init(&gcm, idx, key, sizeof(key)) != CRYPT_OK){
        abort();
    }
    if(gcm_add_iv(&gcm, iv, sizeof(iv)) != CRYPT_OK){
        abort();
    }
    vector<unsigned char> cipher;
    for(int i=0;i<sizeof(text);i++){
        cipher.push_back(text[i]);
    }
    if(gcm_process(&gcm, out, cipher.size(), cipher.data(), GCM_DECRYPT) != CRYPT_OK){
        abort();
    }
    return 0;
}

This llvm review discusses the issue:

in C (6.5.6p8), applying any offset to null pointer is undefined

According to some existing fix such as mozilla's , I suppose it should be addressed to avoid potential problems and fit ubsan.

Hope you can check this case.
Thanks!

[sjaeckel]

diff --git a/src/encauth/gcm/gcm_add_aad.c b/src/encauth/gcm/gcm_add_aad.c
index 1e71639f..27538b6e 100644
--- a/src/encauth/gcm/gcm_add_aad.c
+++ b/src/encauth/gcm/gcm_add_aad.c
@@ -85,3 +85,3 @@ int gcm_add_aad(gcm_state *gcm,
 #ifdef LTC_FAST
-   if (gcm->buflen == 0) {
+   if (gcm->buflen == 0 && adatalen > 15) {
       for (x = 0; x < (adatalen & ~15); x += 16) {

does this solve the issue?

[YuaaCindy]

Yes. Confirm fixed.
Thanks a lot :)