On Wed, Dec 03, 2003, Matt Pauker wrote: > Hi, > > I just recently moved from 0.9.7 to 0.9.7c and discovered what I think > is a bug in the base64 BIO decoding code. > > When the source bio is a read-write memory bio, and has more than 1024 > bytes of data to decode (in my test case it was less than 2048, but I > suspect more would fail as well), the BIO only writes out 720 bytes of > decoded data and then fails. The cause seems to be in these new lines > (290-294) of bio_b64.c: > > /* If buffer isn't full and we can retry then > * restart to read in more data. > */ > else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) > continue; > > What's happening is that on the second pass through the while loop (the > first pass reads 1024 (B64_BLOCK_SIZE) bytes and writes out 720), > BIO_read is reading < 1024 bytes (as that's all that's left in the > memory BIO). Then, when it hits this else, it goes back to the > beginning and calls BIO_read again. But BIO_read returns -1 (no more > data), and the function returns failure, with only the 720 bytes written > out. >
Actually this isn't a bug. A memory BIO can behave a bit like a pipe in that after all data has been read it can signal that more data is available: in this case when more data is written to it. Sometimes however when all data has been read from a BIO no more data is available and it really is EOF. With a memory BIO there's no way to automatically decide this and the application has to decide whether end of data should signal a retry or EOF. The function BIO_set_mem_eof_return() is used to signal this: so try setting BIO_set_mem_eof_return(bio, 0) and all should be as expected. See the BIO_s_mem() manual page for more details. The reason this worked in previous versions of OpenSSL is that the base64 BIO had a bug which didn't work properly with non blocking I/O. The side effect is that it now has to have a correct EOF indication from the relevant BIO. Oh and a -1 from BIO_read() isn't necessarily an error either: see the BIO_read() manual page. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
