<feed xmlns='http://www.w3.org/2005/Atom'>
<title>openbsd/src/lib/libcrypto/bio, branch libressl-v3.7.0</title>
<subtitle>A mirror of https://github.com/libressl/openbsd.git
</subtitle>
<id>https://git.lua4.win/openbsd/atom?h=libressl-v3.7.0</id>
<link rel='self' href='https://git.lua4.win/openbsd/atom?h=libressl-v3.7.0'/>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/'/>
<updated>2022-12-07T23:08:47+00:00</updated>
<entry>
<title>Improve the implementation of BIO_push(3) such that it changes nothing</title>
<updated>2022-12-07T23:08:47+00:00</updated>
<author>
<name>schwarze</name>
<email></email>
</author>
<published>2022-12-07T23:08:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=eab11350130a507ed42936e4a3c922f3930a163e'/>
<id>urn:sha1:eab11350130a507ed42936e4a3c922f3930a163e</id>
<content type='text'>
and reports failure if a call would result in a cycle.
The algorithm used was originally suggested by jsing@.
Feedback and OK tb@.
</content>
</entry>
<entry>
<title>Make sure BIO_push(3) always preserves all invariants of the prev_bio</title>
<updated>2022-12-06T17:59:21+00:00</updated>
<author>
<name>schwarze</name>
<email></email>
</author>
<published>2022-12-06T17:59:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=3b64f394bc39450f6bc4bd64ecff7d97d8f0ddb7'/>
<id>urn:sha1:3b64f394bc39450f6bc4bd64ecff7d97d8f0ddb7</id>
<content type='text'>
and next_bio fields of all BIO objects in all affected chains, no
matter what the arguments are.
In particular, if the second argument (the one to be appended) is
not at the beginning of its chain, properly detach the beginning
of its chain before appending.

We have weak indications that this bug might affect real-world code.
For example, in FreeRDP, file libfreerdp/crypto/tls.c, function
bio_rdp_tls_ctrl(), case BIO_C_SET_SSL, BIO_push(3) is definitely
called with a second argument that is *not* at the beginning of its
chain.  Admittedly, that code is hard to fathom, but it does appear
to result in a bogus prev_bio pointer without this patch.
The practical impact of this bug in this and other software remains
unknown; the consequences might possibly escalate up to use-after-free
issues if BIO_pop(3) is afterwards called on corrupted BIO objects.

OK tb@
</content>
</entry>
<entry>
<title>Improve the poorly designed BIO_set_next(3) API to always preserve all</title>
<updated>2022-12-06T16:10:55+00:00</updated>
<author>
<name>schwarze</name>
<email></email>
</author>
<published>2022-12-06T16:10:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=acd6804e79b3e295f377e2b130890a08aafc3c2f'/>
<id>urn:sha1:acd6804e79b3e295f377e2b130890a08aafc3c2f</id>
<content type='text'>
invariants of the prev_bio and next_bio fields of all BIO objects
in all involved chains, no matter which arguments this function is
called with.

Both real-world uses of this function (in libssl and freerdp) have
been audited to make sure this makes nothing worse.  We believe libssl
behaves correctly before and after the patch (mostly because the second
argument is NULL there), and we believe the code in freerdp behaves
incorrectly before and after the patch, leaving a prev_bio pointer in
place that is becoming bogus, only in a different object before and
after the patch.  But after the patch, that bogus pointer is due to a
separate bug in BIO_push(3), which we are planning to fix afterwards.

Joint work with and OK tb@.
</content>
</entry>
<entry>
<title>Revert bio_prev removal</title>
<updated>2022-12-02T19:44:04+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-12-02T19:44:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=a24e48fc0fa4c6c759985c014000574a65d4d0a8'/>
<id>urn:sha1:a24e48fc0fa4c6c759985c014000574a65d4d0a8</id>
<content type='text'>
As schwarze points out, you can pop any BIO in a chain, not just the first
one (bonus points for a great name for this API).

The internal doubly linked list was used to fix up the BIO chain bio was part
of when you BIO_pop() a bio that wasn't in the first position, which is
explicitly allowed in our documentation and implied by OpenSSL's.
</content>
</entry>
<entry>
<title>Mostly align BIO_read()/BIO_write() return values with OpenSSL 3.x.</title>
<updated>2022-11-30T01:56:18+00:00</updated>
<author>
<name>jsing</name>
<email></email>
</author>
<published>2022-11-30T01:56:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=91315cb3be072462af759c6d8f63e0611eacd0e2'/>
<id>urn:sha1:91315cb3be072462af759c6d8f63e0611eacd0e2</id>
<content type='text'>
For various historical reasons, there are a number of cases where our
BIO_read() and BIO_write() return slightly different values to what
OpenSSL 3.x does (of course OpenSSL 1.0 differs from OpenSSL 1.1 which
differs from OpenSSL 3.x). Mostly align these - some further work will be
needed.

Issue raised by tb@ who also wrote some test code.
</content>
</entry>
<entry>
<title>Retire prev_bio</title>
<updated>2022-11-28T07:50:00+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-11-28T07:50:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=12f76b76beacba6aead901d495f28742f55c8995'/>
<id>urn:sha1:12f76b76beacba6aead901d495f28742f55c8995</id>
<content type='text'>
While BIO chains are doubly linked lists, nothing has ever made use of this
fact internally. Even libssl has failed to maintain prev_bio properly in
two places for a long time. When BIO was made opaque, the opportunity to
fix that was missed. Instead, BIO_set_next() now allows breaking the lists
from outside the library, which freerdp has long done.

Problem found by schwarze while trying to document BIO_set_next().

schwarze likes the idea
ok jsing
</content>
</entry>
<entry>
<title>Avoid potential divide by zero in BIO_dump_indent_cb()</title>
<updated>2022-10-17T18:26:41+00:00</updated>
<author>
<name>jsing</name>
<email></email>
</author>
<published>2022-10-17T18:26:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=16d28f35982285c3fa25fa684eeccb156a626557'/>
<id>urn:sha1:16d28f35982285c3fa25fa684eeccb156a626557</id>
<content type='text'>
Passing an indent value of 67 results in DUMP_WIDTH_LESS_IDENT returning a
value of zero, which is promptly used for division. Likewise, passing a
value larger than 67 results in a negative value being returned.

Prevent this by limiting indent to 64 (which matches OpenSSL's current
behaviour), as well as ensuring that dump_width is &gt; 0.

Should fix oss-fuzz #52464 and #52467.

ok miod@ tb@
</content>
</entry>
<entry>
<title>Make BIO_info_cb() identical to bio_info_cb()</title>
<updated>2022-09-11T17:26:03+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-09-11T17:26:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=94cbd0cbaa6bd7b993b4ff34b97d4b25871d250e'/>
<id>urn:sha1:94cbd0cbaa6bd7b993b4ff34b97d4b25871d250e</id>
<content type='text'>
Various projects use bio_info_cb and BIO_info_cb interchangeably, for
example mupdf and freerdp. This is because this was changed in OpenSSL
commit fce78bd4 (2017), triggered by new warnings in gcc 8.

https://github.com/openssl/openssl/pull/4493

This results in some scary compiler warnings and useless patches in ports.
Nobody seems to be using the old bio_info_cb() version.

ok jsing
</content>
</entry>
<entry>
<title>Initialize readbytes in BIO_gets()</title>
<updated>2022-08-15T10:48:45+00:00</updated>
<author>
<name>tb</name>
<email></email>
</author>
<published>2022-08-15T10:48:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=9941457719d171d10c67071b0c61a16d8bde375c'/>
<id>urn:sha1:9941457719d171d10c67071b0c61a16d8bde375c</id>
<content type='text'>
If the bgets() callback returns &lt;= 0, we currently rely on the user
provided callback to set readbytes, which isn't ideal. This also
matches what's done in BIO_read() and BIO_write().

ok jsing
</content>
</entry>
<entry>
<title>Remove mkerr.pl remnants from LibreSSL</title>
<updated>2022-07-12T14:42:50+00:00</updated>
<author>
<name>kn</name>
<email></email>
</author>
<published>2022-07-12T14:42:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.lua4.win/openbsd/commit/?id=89e42d5857196a8071fbafb5565388d0e20ec32b'/>
<id>urn:sha1:89e42d5857196a8071fbafb5565388d0e20ec32b</id>
<content type='text'>
This script is not used at all and files are edited by hand instead.
Thus remove misleading comments incl. the obsolete script/config.

Feedback OK jsing tb
</content>
</entry>
</feed>
