Work around language and compiler bug in memcpy, etc.

Most C standard library functions are undefined if passed NULL, even
when the corresponding length is zero. This gives them (and, in turn,
all functions which call them) surprising behavior on empty arrays.
Some compilers will miscompile code due to this rule. See also

Add OPENSSL_memcpy, etc., wrappers which avoid this problem.


Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e
Commit-Queue: David Benjamin <>
Reviewed-by: Adam Langley <>
diff --git a/crypto/hkdf/hkdf.c b/crypto/hkdf/hkdf.c
index f21cb42..ae43b69 100644
--- a/crypto/hkdf/hkdf.c
+++ b/crypto/hkdf/hkdf.c
@@ -20,6 +20,8 @@
 #include <openssl/err.h>
 #include <openssl/hmac.h>
+#include "../internal.h"
 int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
          const uint8_t *secret, size_t secret_len, const uint8_t *salt,
@@ -95,7 +97,7 @@
     if (done + todo > out_len) {
       todo = out_len - done;
-    memcpy(out_key + done, previous, todo);
+    OPENSSL_memcpy(out_key + done, previous, todo);
     done += todo;