[openssl/openssl] d9d260: SSL_set1_groups_list(): Fix memory corruption with...

Hamilton Chapman noreply at github.com
Sun Feb 25 10:04:20 UTC 2024 

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: d9d260eb95ec129b93a55965b6f2f392df0ed0a9
      https://github.com/openssl/openssl/commit/d9d260eb95ec129b93a55965b6f2f392df0ed0a9
  Author: Michael Baentsch <57787676+baentsch at users.noreply.github.com>
  Date:   2024-02-22 (Thu, 22 Feb 2024)

  Changed paths:
    M ssl/t1_lib.c
    M test/sslapitest.c
    M test/tls-provider.c

  Log Message:
  -----------
  SSL_set1_groups_list(): Fix memory corruption with 40 groups and more

Fixes #23624

The calculation of the size for gid_arr reallocation was wrong.
A multiplication by gid_arr array item size was missing.

Testcase is added.

Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Cherry-pick from https://github.com/openssl/openssl/pull/23625)

Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
(Merged from https://github.com/openssl/openssl/pull/23661)


  Commit: 1dea252221624542ca258231e5dc4c8bb528a97b
      https://github.com/openssl/openssl/commit/1dea252221624542ca258231e5dc4c8bb528a97b
  Author: Hamilton Chapman <hamchapman at gmail.com>
  Date:   2024-02-25 (Sun, 25 Feb 2024)

  Changed paths:
    M Configurations/15-ios.conf
    M Configurations/unix-Makefile.tmpl

  Log Message:
  -----------
  Ensure `$(MAKE)` commands and `CFLAGS` are appropriately quoted in the Makefile.

If a user's `make` command came from a path that contained a space then both the
`$(MAKE)` variable (and parts of the generated `CFLAGS`, when building for iOS)
would not be properly quoted and the build would fail.

Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23663)

(cherry picked from commit aba621934696ca52193bd41cd35816649b6b321b)


Compare: https://github.com/openssl/openssl/compare/6f794b461c6e...1dea25222162

To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications

More information about the openssl-commits mailing list