[openssl] openssl-3.0 update
tomas at openssl.org
Mon Jan 24 14:21:28 UTC 2022
The branch openssl-3.0 has been updated
via e293979b2c23712769bf9c655e8a440bf2d3d44f (commit)
from 45036df45048c6498efa49d3572869830d05df45 (commit)
- Log -----------------------------------------------------------------
commit e293979b2c23712769bf9c655e8a440bf2d3d44f
Author: Hubert Kario <hkario at redhat.com>
Date: Thu Jan 20 17:35:18 2022 +0100
s_server: correctly handle 2^14 byte long records
as the code uses BIO_gets, and it always null terminates the
strings it reads, when it reads a record 2^14 byte long, it actually
returns 2^14-1 bytes to the calling application, in general it returns
size-1 bytes to the caller
This makes the code sub-optimal (as every 2^14 record will need two
BIO_gets() calls) and makes it impossible to use -rev option to test
all plaintext lengths (like in openssl#15706)
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17553)
-----------------------------------------------------------------------
Summary of changes:
apps/s_server.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/apps/s_server.c b/apps/s_server.c
index d95bf14cbf..813c56592c 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2982,7 +2982,9 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
/* Set width for a select call if needed */
width = s + 1;
- buf = app_malloc(bufsize, "server www buffer");
+ /* as we use BIO_gets(), and it always null terminates data, we need
+ * to allocate 1 byte longer buffer to fit the full 2^14 byte record */
+ buf = app_malloc(bufsize + 1, "server www buffer");
io = BIO_new(BIO_f_buffer());
ssl_bio = BIO_new(BIO_f_ssl());
if ((io == NULL) || (ssl_bio == NULL))
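Review bot: The new comment above the app_malloc() call in www_body() starts its text on the `/*` line and closes with `*/` on the last text line, whereas OpenSSL's coding style for multi-line comments puts `/*` and `*/` on lines of their own. The comment also hard-codes "2^14" while the expression is `bufsize + 1`; wording it in terms of bufsize, or saying where bufsize gets that value, would keep it accurate if the buffer size ever changes.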
@@ -3047,7 +3049,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
}
for (;;) {
- i = BIO_gets(io, buf, bufsize - 1);
+ i = BIO_gets(io, buf, bufsize + 1);
if (i < 0) { /* error */
if (!BIO_should_retry(io) && !SSL_waiting_for_async(con)) {
if (!s_quiet)
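Review bot: The size passed to BIO_gets() at the top of this loop goes from `bufsize - 1` to `bufsize + 1`, which is only safe because the allocation earlier in www_body() grew to `bufsize + 1` in the same patch, and nothing at the call site says so. Consider a single local (for example `buflen = bufsize + 1`) used for both app_malloc() and BIO_gets() so the two cannot drift apart. Since BIO_gets() returns up to size-1 bytes, `i` can now reach bufsize, so any later use of `i` as a length in this loop deserves a second look.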
@@ -3112,7 +3114,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context)
* we're expecting to come from the client. If they haven't
* sent one there's not much we can do.
*/
- BIO_gets(io, buf, bufsize - 1);
+ BIO_gets(io, buf, bufsize + 1);
}
BIO_puts(io,
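Review bot: The return value of this BIO_gets() call is discarded, so an error or a short read cannot be told apart from a complete line. The comment above it says there is not much to do if the client sent nothing, so if ignoring the result is intended, a `(void)` cast would make that explicit while the line is being touched anyway.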
@@ -3401,7 +3403,9 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
SSL *con;
BIO *io, *ssl_bio, *sbio;
- buf = app_malloc(bufsize, "server rev buffer");
+ /* as we use BIO_gets(), and it always null terminates data, we need
+ * to allocate 1 byte longer buffer to fit the full 2^14 byte record */
+ buf = app_malloc(bufsize + 1, "server rev buffer");
io = BIO_new(BIO_f_buffer());
ssl_bio = BIO_new(BIO_f_ssl());
if ((io == NULL) || (ssl_bio == NULL))
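Review bot: The comment and the `bufsize + 1` allocation in rev_body() are a verbatim copy of the ones added to www_body(). A small shared macro or helper for "line buffer size including the terminator" would give both functions one definition and one place to document the BIO_gets() null-termination rule.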
@@ -3476,7 +3480,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context)
print_ssl_summary(con);
for (;;) {
- i = BIO_gets(io, buf, bufsize - 1);
+ i = BIO_gets(io, buf, bufsize + 1);
if (i < 0) { /* error */
if (!BIO_should_retry(io)) {
if (!s_quiet)
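Review bot: No test accompanies the change to this read in rev_body(): the summary lists only apps/s_server.c, yet the commit message names -rev with full 2^14 byte records as the case that was impossible before. A regression test that sends a maximum-length record to s_server -rev and checks that it is handled in one BIO_gets() call would keep the `bufsize + 1` sizing from regressing.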