diff options
author | Jung-uk Kim <jkim@FreeBSD.org> | 2017-05-25 19:38:38 +0000 |
---|---|---|
committer | Jung-uk Kim <jkim@FreeBSD.org> | 2017-05-25 19:38:38 +0000 |
commit | 12df5ad9af4981f5d3c31a9819d31618c0f1af51 (patch) | |
tree | 97e3336a3054b8d8a0150b9d414934f73c99cb30 /crypto/conf | |
parent | 5315173646e65b5025be33013edc33eb9658e683 (diff) | |
download | src-12df5ad9af4981f5d3c31a9819d31618c0f1af51.tar.gz src-12df5ad9af4981f5d3c31a9819d31618c0f1af51.zip |
Import OpenSSL 1.0.2l.vendor/openssl/1.0.2l
Notes
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=318897
svn path=/vendor-crypto/openssl/1.0.2l/; revision=318898; tag=vendor/openssl/1.0.2l
Diffstat (limited to 'crypto/conf')
-rw-r--r-- | crypto/conf/conf.h | 1 | ||||
-rw-r--r-- | crypto/conf/conf_def.c | 16 | ||||
-rw-r--r-- | crypto/conf/conf_err.c | 2 |
3 files changed, 17 insertions, 2 deletions
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h index 8d926d5d8268..fe49113080b7 100644 --- a/crypto/conf/conf.h +++ b/crypto/conf/conf.h @@ -259,6 +259,7 @@ void ERR_load_CONF_strings(void); # define CONF_R_NO_VALUE 108 # define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103 # define CONF_R_UNKNOWN_MODULE_NAME 113 +# define CONF_R_VARIABLE_EXPANSION_TOO_LONG 116 # define CONF_R_VARIABLE_HAS_NO_VALUE 104 #ifdef __cplusplus diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 68c77cec7d8b..75e309aaca81 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -69,6 +69,12 @@ #include <openssl/buffer.h> #include <openssl/err.h> +/* + * The maximum length we can grow a value to after variable expansion. 64k + * should be more than enough for all reasonable uses. + */ +#define MAX_CONF_VALUE_LENGTH 65536 + static char *eat_ws(CONF *conf, char *p); static char *eat_alpha_numeric(CONF *conf, char *p); static void clear_comments(CONF *conf, char *p); @@ -530,6 +536,8 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) } else if (IS_EOF(conf, *from)) break; else if (*from == '$') { + size_t newsize; + /* try to expand it */ rrp = NULL; s = &(from[1]); @@ -584,8 +592,12 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE); goto err; } - if (!BUF_MEM_grow_clean(buf, - (strlen(p) + buf->length - (e - from)))) { + newsize = strlen(p) + buf->length - (e - from); + if (newsize > MAX_CONF_VALUE_LENGTH) { + CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_EXPANSION_TOO_LONG); + goto err; + } + if (!BUF_MEM_grow_clean(buf, newsize)) { CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE); goto err; } diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c index bb5e2fe25215..b0b6896f837e 100644 --- a/crypto/conf/conf_err.c +++ b/crypto/conf/conf_err.c @@ -115,6 +115,8 @@ static ERR_STRING_DATA CONF_str_reasons[] = { {ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION), "unable to create new section"}, {ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"}, + {ERR_REASON(CONF_R_VARIABLE_EXPANSION_TOO_LONG), + "variable expansion too long"}, {ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"}, {0, NULL} }; |