10628.diff

commit b859e175a0f2357dcfe2211ca487a7bde0e971b1
Author: Jack Lloyd <jack@randombit.net>
Date:   Sun Sep 23 12:43:11 2018 -0400

    Fix a crash in the mode padding fuzzer
    
    The reference version of 1and0 padding would crash on an all-zero input.
    
    OSS-Fuzz 10628

diff --git a/src/fuzzer/mode_padding.cpp b/src/fuzzer/mode_padding.cpp
index 05cb1a8f6..985ea25e3 100644
--- a/src/fuzzer/mode_padding.cpp
+++ b/src/fuzzer/mode_padding.cpp
@@ -54,24 +54,26 @@ size_t ref_x923_unpad(const uint8_t in[], size_t len)
 size_t ref_oneandzero_unpad(const uint8_t in[], size_t len)
    {
    if(len <= 2)
       return len;
 
    size_t idx = len - 1;
 
    while(idx >= 0)
       {
       if(in[idx] == 0)
          {
+         if(idx == 0)
+            return len;
          idx -= 1;
          continue;
          }
       else if(in[idx] == 0x80)
          {
          return idx;
          }
       else
          return len;
       }
 
    return len;
    }
diff --git a/src/tests/data/pad.vec b/src/tests/data/pad.vec
index 54efa4f1d..712d38709 100644
--- a/src/tests/data/pad.vec
+++ b/src/tests/data/pad.vec
@@ -102,6 +102,9 @@ Blocksize = 8
 In  = FF70000000000081
 Blocksize = 8
 
+In  = 0000000000000000
+Blocksize = 8
+
 [X9.23]
 In  = FFFFFF
 Out = FFFFFF0000000000000000000000000D