From 142deef717bad843fc04c5afb925bfd9e7dc4305 Mon Sep 17 00:00:00 2001
From: Alex Gaynor
Date: Sun, 21 Jul 2024 08:44:02 -0400
Subject: [PATCH 1/2] Fixed invariant violation in `MemBio::get_buf` with empty results

Pointer arguments to `slice::from_raw_parts` are required to be non-null. (See https://davidben.net/2024/01/15/empty-slices.html for details.)
---
 openssl/src/bio.rs | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/openssl/src/bio.rs b/openssl/src/bio.rs
index 96a63d19c4..1595f89f1b 100644
--- a/openssl/src/bio.rs
+++ b/openssl/src/bio.rs
@@ -63,7 +63,11 @@ impl MemBio {
 unsafe {
 let mut ptr = ptr::null_mut();
 let len = ffi::BIO_get_mem_data(self.0, &mut ptr);
- slice::from_raw_parts(ptr as *const _ as *const _, len as usize)
+ if len == 0 {
+ &[]
+ } else {
+ slice::from_raw_parts(ptr as *const _ as *const _, len as usize)
+ }
 }
 }

@@ -83,3 +87,14 @@ cfg_if! {
 }
 }
 }
+
+#[cfg(test)]
+mod tests {
+ use super::MemBio;
+
+ #[test]
+ fn test_mem_bio_get_buf_empty() {
+ let b = MemBio::new().unwrap();
+ assert_eq!(b.get_buf(), &[]);
+ }
+}

From 5ce473b4e56e8c68e11428d2e9fdb0abf984aa59 Mon Sep 17 00:00:00 2001
From: Alex Gaynor
Date: Sun, 21 Jul 2024 08:59:05 -0400
Subject: [PATCH 2/2] Release openssl v0.10.66

---
 openssl/CHANGELOG.md | 9 ++++++++-
 openssl/Cargo.toml | 2 +-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/openssl/CHANGELOG.md b/openssl/CHANGELOG.md
index d734fbbce6..e3d1045ac0 100644
--- a/openssl/CHANGELOG.md
+++ b/openssl/CHANGELOG.md
@@ -2,6 +2,12 @@

 ## [Unreleased]

+## [v0.10.66] - 2024-07-21
+
+### Fixed
+
+- Fixed undefined behavior in `MemBio::get_buf` when the resulting buffer had a length of 0.
+
 ## [v0.10.65] - 2024-07-20

 ### Fixed
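Review bot: The new `if len == 0` guard in `get_buf` handles only the empty buffer, so a negative return from `ffi::BIO_get_mem_data` would still reach `len as usize` and turn into an enormous slice length, and a null `ptr` paired with a non-zero `len` would still break the non-null precondition of `slice::from_raw_parts`. Assuming `len` is a signed C long (its type is not visible in this hunk), the guard could be widened to `if len <= 0 || ptr.is_null() {`, which keeps the empty-slice result for every case the `else` branch cannot soundly handle. The `else` branch would also benefit from a `// SAFETY:` comment naming the invariant it relies on, for example that OpenSSL reported `len` readable bytes at `ptr` for this BIO. The signature of `get_buf` lies outside the hunk.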
@@ -902,7 +908,8 @@

 Look at the [release tags] for information about older releases.

-[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.65...master
+[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.66...master
+[v0.10.66]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.65...openssl-v0.10.66
 [v0.10.65]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.64...openssl-v0.10.65
 [v0.10.64]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.63...openssl-v0.10.64
 [v0.10.63]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.62...openssl-v0.10.63
diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml
index bb94398288..cc8ef0accc 100644
--- a/openssl/Cargo.toml
+++ b/openssl/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "openssl"
-version = "0.10.65"
+version = "0.10.66"
 authors = ["Steven Fackler "]
 license = "Apache-2.0"
 description = "OpenSSL bindings"