[openssl/openssl] 40dca5: Fix genstr/genconf option in asn1parse

Neil Horman noreply at github.com
Wed Dec 13 17:05:30 UTC 2023 

  Branch: refs/heads/openssl-3.2
  Home:   https://github.com/openssl/openssl
  Commit: 40dca5944a5009380dbe9b44f9b6a6c5473a9d19
      https://github.com/openssl/openssl/commit/40dca5944a5009380dbe9b44f9b6a6c5473a9d19
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-12-13 (Wed, 13 Dec 2023)

  Changed paths:
    M apps/asn1parse.c

  Log Message:
  -----------
  Fix genstr/genconf option in asn1parse

At some point the asn1parse applet was changed to default the inform to
PEM, and defalt input file to stdin.  Doing so broke the -genstr|conf options,
in that, before we attempt to generate an ASN1 block from the provided
genstr string, we attempt to read a PEM input from stdin.  As a result,
this command:
openssl asn1parse -genstr OID:1.2.3.4
hangs because we are attempting a blocking read on stdin, waiting for
data that never arrives

Fix it by giving priority to genstr|genconf, such that, if set, will just run
do_generate on that string and exit

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22957)

(cherry picked from commit 749fcc0e3ce796474a15d6fac221e57daeacff1e)


  Commit: 00a3833a291cf281e70f92c1eab82e364640e0da
      https://github.com/openssl/openssl/commit/00a3833a291cf281e70f92c1eab82e364640e0da
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2023-12-13 (Wed, 13 Dec 2023)

  Changed paths:
    M apps/asn1parse.c
    M crypto/asn1/asn_moid.c
    A test/recipes/04-test_asn1_parse.t
    A test/test_asn1_parse.cnf

  Log Message:
  -----------
  Harden asn1 oid loader to invalid inputs

In the event that a config file contains this sequence:
=======
openssl_conf = openssl_init

config_diagnostics = 1

[openssl_init]
oid_section = oids

[oids]
testoid1 = 1.2.3.4.1
testoid2 = A Very Long OID Name, 1.2.3.4.2
testoid3 = ,1.2.3.4.3
======

The leading comma in testoid3 can cause a heap buffer overflow, as the
parsing code will move the string pointer back 1 character, thereby
pointing to an invalid memory space

correct the parser to detect this condition and handle it by treating it
as if the comma doesn't exist (i.e. an empty long oid name)

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22957)

(cherry picked from commit a552c23c6502592c1b3c67d93dd7e5ffbe958aa4)


Compare: https://github.com/openssl/openssl/compare/238647781b26...00a3833a291c

More information about the openssl-commits mailing list