diff options
| author | Gordon Tetlow <gordon@FreeBSD.org> | 2024-09-04 03:56:17 +0000 |
|---|---|---|
| committer | Gordon Tetlow <gordon@FreeBSD.org> | 2024-09-04 03:56:17 +0000 |
| commit | 108164cf95d9594884c2dcccba2691335e6f221b (patch) | |
| tree | 4e7056d88b26a82672d06a7aca8052b58615ca2f /crypto/property/property.c | |
| parent | e60dbfd00b009d424dfc5446d132872c93dd0aed (diff) | |
openssl: Import OpenSSL 3.0.15.vendor/openssl/3.0.15vendor/openssl-3.0
This release incorporates the following bug fixes and mitigations:
- Fixed possible denial of service in X.509 name checks ([CVE-2024-6119])
- Fixed possible buffer overread in SSL_select_next_proto() ([CVE-2024-5535])
Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html
Diffstat (limited to 'crypto/property/property.c')
| -rw-r--r-- | crypto/property/property.c | 55 |
1 files changed, 36 insertions, 19 deletions
diff --git a/crypto/property/property.c b/crypto/property/property.c index 602db0f3ff54..75615d39af36 100644 --- a/crypto/property/property.c +++ b/crypto/property/property.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -95,6 +95,8 @@ typedef struct { DEFINE_SPARSE_ARRAY_OF(ALGORITHM); +DEFINE_STACK_OF(ALGORITHM) + typedef struct ossl_global_properties_st { OSSL_PROPERTY_LIST *list; #ifndef FIPS_MODULE @@ -469,33 +471,45 @@ static void alg_do_one(ALGORITHM *alg, IMPLEMENTATION *impl, fn(alg->nid, impl->method.method, fnarg); } -struct alg_do_each_data_st { - void (*fn)(int id, void *method, void *fnarg); - void *fnarg; -}; - -static void alg_do_each(ossl_uintmax_t idx, ALGORITHM *alg, void *arg) +static void alg_copy(ossl_uintmax_t idx, ALGORITHM *alg, void *arg) { - struct alg_do_each_data_st *data = arg; - int i, end = sk_IMPLEMENTATION_num(alg->impls); - - for (i = 0; i < end; i++) { - IMPLEMENTATION *impl = sk_IMPLEMENTATION_value(alg->impls, i); + STACK_OF(ALGORITHM) *newalg = arg; - alg_do_one(alg, impl, data->fn, data->fnarg); - } + (void)sk_ALGORITHM_push(newalg, alg); } void ossl_method_store_do_all(OSSL_METHOD_STORE *store, void (*fn)(int id, void *method, void *fnarg), void *fnarg) { - struct alg_do_each_data_st data; + int i, j; + int numalgs, numimps; + STACK_OF(ALGORITHM) *tmpalgs; + ALGORITHM *alg; - data.fn = fn; - data.fnarg = fnarg; - if (store != NULL) - ossl_sa_ALGORITHM_doall_arg(store->algs, alg_do_each, &data); + if (store != NULL) { + + if (!ossl_property_read_lock(store)) + return; + + tmpalgs = sk_ALGORITHM_new_reserve(NULL, + ossl_sa_ALGORITHM_num(store->algs)); + if (tmpalgs == NULL) { + ossl_property_unlock(store); + return; + } + + ossl_sa_ALGORITHM_doall_arg(store->algs, alg_copy, tmpalgs); + ossl_property_unlock(store); + numalgs = sk_ALGORITHM_num(tmpalgs); + for (i = 0; i < numalgs; i++) { + alg = sk_ALGORITHM_value(tmpalgs, i); + numimps = sk_IMPLEMENTATION_num(alg->impls); + for (j = 0; j < numimps; j++) + alg_do_one(alg, sk_IMPLEMENTATION_value(alg->impls, j), fn, fnarg); + } + sk_ALGORITHM_free(tmpalgs); + } } int ossl_method_store_fetch(OSSL_METHOD_STORE *store, @@ -651,10 +665,13 @@ static void impl_cache_flush_one_alg(ossl_uintmax_t idx, ALGORITHM *alg, void *v) { IMPL_CACHE_FLUSH *state = (IMPL_CACHE_FLUSH *)v; + unsigned long orig_down_load = lh_QUERY_get_down_load(alg->cache); state->cache = alg->cache; + lh_QUERY_set_down_load(alg->cache, 0); lh_QUERY_doall_IMPL_CACHE_FLUSH(state->cache, &impl_cache_flush_cache, state); + lh_QUERY_set_down_load(alg->cache, orig_down_load); } static void ossl_method_cache_flush_some(OSSL_METHOD_STORE *store) |