commit b58dcde804dc9f69f89c620592b910083f32b01c
author Shawn Willden <swillden@google.com> Mon Mar 02 12:53:13 2015 -0700
committer Shawn Willden <swillden@google.com> Tue Mar 17 20:35:52 2015 -0600
tree e00818a640cc9a54c413bdae352ac930228d5f8f
parent 3b4e1652ac6fca90a47759f84946a9728c251cd7

Make AuthorizationSet handle null initializers safely.

Change-Id: Ic58bb779c8cb30828ec9f57a1bb5bfe44c59a074

authorization_set.cpp

diff --git a/authorization_set.cpp b/authorization_set.cpp
index e2bce14..b3c186c 100644
--- a/authorization_set.cpp
+++ b/authorization_set.cpp
@@ -108,6 +108,11 @@
 bool AuthorizationSet::Reinitialize(const keymaster_key_param_t* elems, const size_t count) {
     FreeData();
 
+    if (elems == NULL || count == 0) {
+        error_ = OK;
+        return true;
+    }
+
     if (!reserve_elems(count))
         return false;
 

authorization_set_test.cpp

diff --git a/authorization_set_test.cpp b/authorization_set_test.cpp
index a8efecc..c869d8d 100644
--- a/authorization_set_test.cpp
+++ b/authorization_set_test.cpp
@@ -54,6 +54,20 @@
     EXPECT_EQ(set, set2);
 }
 
+TEST(Construction, NullProvided) {
+    keymaster_key_param_t params[] = {
+        Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
+    };
+
+    AuthorizationSet set1(params, 0);
+    EXPECT_EQ(0, set1.size());
+    EXPECT_EQ(AuthorizationSet::OK, set1.is_valid());
+
+    AuthorizationSet set2(reinterpret_cast<keymaster_key_param_t*>(NULL), array_length(params));
+    EXPECT_EQ(0, set2.size());
+    EXPECT_EQ(AuthorizationSet::OK, set2.is_valid());
+}
+
 TEST(Lookup, NonRepeated) {
     AuthorizationSet set(AuthorizationSetBuilder()
                              .Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN)