Hello community, here is the log from the commit of package openssl-1_1 for openSUSE:Factory checked in at 2019-06-14 08:34:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openssl-1_1 (Old) and /work/SRC/openSUSE:Factory/.openssl-1_1.new.4811 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssl-1_1" Fri Jun 14 08:34:53 2019 rev:7 rq: version:1.1.1b Changes: -------- --- /work/SRC/openSUSE:Factory/openssl-1_1/openssl-1_1.changes 2019-05-16 21:54:43.762922413 +0200 +++ /work/SRC/openSUSE:Factory/.openssl-1_1.new.4811/openssl-1_1.changes 2019-06-14 08:34:57.181061942 +0200 @@ -1,0 +2,12 @@ +Tue May 28 08:21:52 UTC 2019 - Jiri Slaby <jsl...@suse.com> + +- add 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch + (bnc#1136522) + +------------------------------------------------------------------- +Mon May 20 16:21:01 UTC 2019 - Vítězslav Čížek <vci...@suse.com> + +- Fix a crash caused by long locale messages (bsc#1135550) + * add openssl-fix_underflow_in_errstr_handling.patch + +------------------------------------------------------------------- New: ---- 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch openssl-fix_underflow_in_errstr_handling.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl-1_1.spec ++++++ --- /var/tmp/diff_new_pack.TQ1f20/_old 2019-06-14 08:34:58.301061683 +0200 +++ /var/tmp/diff_new_pack.TQ1f20/_new 2019-06-14 08:34:58.309061681 +0200 @@ -50,6 +50,9 @@ Patch9: 0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch # PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8371 Patch10: openssl-fix-handling-of-GNU-strerror_r.patch +Patch11: openssl-fix_underflow_in_errstr_handling.patch +# PATCH-FIX-UPSTREAM https://github.com/openssl/openssl/pull/8649 bnc#1136522 +Patch12: 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch BuildRequires: pkgconfig Conflicts: ssl Provides: ssl ++++++ 0001-Fix-for-BIO_get_mem_ptr-and-related-regressions.patch ++++++ 
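Review bot: `Patch11: openssl-fix_underflow_in_errstr_handling.patch` in the openssl-1_1.spec hunk has no provenance tag, while Patch10 above it and Patch12 below it each carry a `# PATCH-FIX-UPSTREAM` line with the pull-request URL. Without one, a later auditor cannot tell from the spec whether this change to error-string buffer handling was reviewed upstream or is distribution-only. I would add a tag line above it, for example `# PATCH-FIX-OPENSUSE bsc#1135550` if it is local, or the upstream form with the relevant URL if it was submitted there.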
From: Tomas Mraz <tm...@fedoraproject.org> Date: Wed, 3 Apr 2019 12:31:32 +0200 Subject: Fix for BIO_get_mem_ptr and related regressions Patch-mainline: yes Git-commit: b238fb79709a180ba9b4d837101c9f75e2978dc0 References: bnc#1136522 Reviewed-by: Bernd Edlinger <bernd.edlin...@hotmail.de> Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8649) Signed-off-by: Jiri Slaby <jsl...@suse.cz> --- crypto/bio/bss_mem.c | 40 ++++++++++++++++++++++++++++------------ 1 file changed, 28 insertions(+), 12 deletions(-) diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index 89c54b2d53df..51fae3b2f0b9 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -57,7 +57,12 @@ static const BIO_METHOD secmem_method = { NULL, /* mem_callback_ctrl */ }; -/* BIO memory stores buffer and read pointer */ +/* + * BIO memory stores buffer and read pointer + * however the roles are different for read only BIOs. + * In that case the readp just stores the original state + * to be used for reset. + */ typedef struct bio_buf_mem_st { struct buf_mem_st *buf; /* allocated buffer */ struct buf_mem_st *readp; /* read pointer */ @@ -192,6 +197,8 @@ static int mem_read(BIO *b, char *out, int outl) BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr; BUF_MEM *bm = bbm->readp; + if (b->flags & BIO_FLAGS_MEM_RDONLY) + bm = bbm->buf; BIO_clear_retry_flags(b); ret = (outl >= 0 && (size_t)outl > bm->length) ? (int)bm->length : outl; if ((out != NULL) && (ret > 0)) { 
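Review bot: The field comment `/* read pointer */` on `readp`, a context line in the `@@ -57,7 +57,12 @@` hunk, now contradicts the new block comment directly above the struct, which says that for read-only BIOs `readp` only stores the original state for reset. A reader who looks only at the field will still pick the wrong member. I would change the two field comments to something like `/* allocated buffer; live read position when BIO_FLAGS_MEM_RDONLY */` and `/* read pointer; saved original state when BIO_FLAGS_MEM_RDONLY */`. The struct definition continues past the end of the hunk.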
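Review bot: In `mem_read` the buffer is chosen by initialising `bm` to `bbm->readp` and then overriding it under `BIO_FLAGS_MEM_RDONLY`; the same pair of lines is repeated in `mem_gets`, and `mem_ctrl` spells the choice a third way with an if/else. Three hand-written copies of the rule that decides which length bounds the copy are easy to let drift apart. A single initialiser reads more directly and can be used identically in all three: `BUF_MEM *bm = (b->flags & BIO_FLAGS_MEM_RDONLY) ? bbm->buf : bbm->readp;`. The body of `mem_read` continues beyond the hunk.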
@@ -241,29 +248,36 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr; BUF_MEM *bm; + if (b->flags & BIO_FLAGS_MEM_RDONLY) + bm = bbm->buf; + else + bm = bbm->readp; + switch (cmd) { case BIO_CTRL_RESET: bm = bbm->buf; if (bm->data != NULL) { - /* For read only case reset to the start again */ - if ((b->flags & BIO_FLAGS_MEM_RDONLY) || (b->flags & BIO_FLAGS_NONCLEAR_RST)) { - bm->length = bm->max; + if (!(b->flags & BIO_FLAGS_MEM_RDONLY)) { + if (b->flags & BIO_FLAGS_NONCLEAR_RST) { + bm->length = bm->max; + } else { + memset(bm->data, 0, bm->max); + bm->length = 0; + } + *bbm->readp = *bbm->buf; } else { - memset(bm->data, 0, bm->max); - bm->length = 0; + /* For read only case just reset to the start again */ + *bbm->buf = *bbm->readp; } - *bbm->readp = *bbm->buf; } break; case BIO_CTRL_EOF: - bm = bbm->readp; ret = (long)(bm->length == 0); break; case BIO_C_SET_BUF_MEM_EOF_RETURN: b->num = (int)num; break; case BIO_CTRL_INFO: - bm = bbm->readp; ret = (long)bm->length; if (ptr != NULL) { pptr = (char **)ptr; @@ -278,8 +292,9 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_C_GET_BUF_MEM_PTR: if (ptr != NULL) { - mem_buf_sync(b); - bm = bbm->readp; + if (!(b->flags & BIO_FLAGS_MEM_RDONLY)) + mem_buf_sync(b); + bm = bbm->buf; pptr = (char **)ptr; *pptr = (char *)bm; } @@ -294,7 +309,6 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) ret = 0L; break; case BIO_CTRL_PENDING: - bm = bbm->readp; ret = (long)bm->length; break; case BIO_CTRL_DUP: 
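Review bot: The new preamble in `mem_ctrl` (`@@ -241,29 +248,36 @@`) sets `bm` once, but nothing says which cases rely on it: `BIO_CTRL_EOF` and `BIO_CTRL_INFO` now read `bm->length` from that value, while `BIO_CTRL_RESET` immediately overwrites it with `bbm->buf`. A comment on the preamble would make that contract explicit, e.g. `/* bm = the view holding unread data; cases needing the backing buffer reassign it */`. The read-only reset `*bbm->buf = *bbm->readp;` also depends on `readp` having been filled with a snapshot of the original state, which is set up outside this hunk, so a one-line note there naming that assumption would help. `mem_ctrl` begins before and ends after the hunk.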
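Review bot: The `BIO_C_GET_BUF_MEM_PTR` case (`@@ -278,8 +292,9 @@`) now returns `bbm->buf` for every BIO, and for a read-only BIO that is the structure the read path consumes, going by the struct comment this patch adds. That is worth stating at the case, since a caller presumably must treat the returned `BUF_MEM` as a view of the remaining data and must not grow or write through it (the data behind a read-only BIO is likely caller-owned; the hunk does not show where it is set). Suggested comment: `/* RDONLY: buf is the live read position, no sync needed; callers must not modify it */`.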
@@ -318,6 +332,8 @@ static int mem_gets(BIO *bp, char *buf, int size) BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)bp->ptr; BUF_MEM *bm = bbm->readp; + if (bp->flags & BIO_FLAGS_MEM_RDONLY) + bm = bbm->buf; BIO_clear_retry_flags(bp); j = bm->length; if ((size - 1) < j) -- 2.21.0 ++++++ openssl-fix-handling-of-GNU-strerror_r.patch ++++++ --- /var/tmp/diff_new_pack.TQ1f20/_old 2019-06-14 08:34:58.421061655 +0200 +++ /var/tmp/diff_new_pack.TQ1f20/_new 2019-06-14 08:34:58.421061655 +0200 @@ -1,8 +1,8 @@ -diff --git a/crypto/o_str.c b/crypto/o_str.c -index 02578dbf0d..3b271e745b 100644 ---- a/crypto/o_str.c -+++ b/crypto/o_str.c -@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) +Index: openssl-1.1.1b/crypto/o_str.c +=================================================================== +--- openssl-1.1.1b.orig/crypto/o_str.c 2019-02-26 15:15:30.000000000 +0100 ++++ openssl-1.1.1b/crypto/o_str.c 2019-05-20 17:06:07.956663953 +0200 +@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char #if defined(_MSC_VER) && _MSC_VER>=1400 return !strerror_s(buf, buflen, errnum); #elif defined(_GNU_SOURCE) @@ -30,7 +30,7 @@ #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \ (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600) /* -@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) +@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char return !strerror_r(errnum, buf, buflen); #else char *err; 
@@ -38,7 +38,7 @@ /* Fall back to non-thread safe strerror()...its all we can do */ if (buflen < 2) return 0; -@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) +@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char /* Can this ever happen? */ if (err == NULL) return 0; ++++++ openssl-fix_underflow_in_errstr_handling.patch ++++++ Index: openssl-1.1.1b/crypto/err/err.c =================================================================== --- openssl-1.1.1b.orig/crypto/err/err.c 2019-02-26 15:15:30.000000000 +0100 +++ openssl-1.1.1b/crypto/err/err.c 2019-05-21 21:14:31.211536069 +0200 @@ -185,7 +185,7 @@ static ERR_STRING_DATA *int_err_get_item #ifndef OPENSSL_NO_ERR /* A measurement on Linux 2018-11-21 showed about 3.5kib */ -# define SPACE_SYS_STR_REASONS 4 * 1024 +# define SPACE_SYS_STR_REASONS 8 * 1024 # define NUM_SYS_STR_REASONS 127 static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; @@ -225,8 +225,8 @@ static void build_SYS_str_reasons(void) str->string = cur; cnt += l; - if (cnt > sizeof(strerror_pool)) - cnt = sizeof(strerror_pool); + if (cnt >= sizeof(strerror_pool)) + cnt = sizeof(strerror_pool) - 1; cur += l; /*
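Review bot: The comment above `SPACE_SYS_STR_REASONS` in the `@@ -185,7 +185,7 @@` hunk of err.c still cites only the 3.5 KiB measurement, so the jump to `8 * 1024` is unexplained at the place people will look when they next resize the pool. I would extend it with the reason given in the changelog, e.g. `/* 8 KiB leaves headroom for long localized messages, see bsc#1135550 */`. The expansion is also unparenthesized; `# define SPACE_SYS_STR_REASONS (8 * 1024)` avoids surprises if the macro is ever used inside a larger expression.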
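Review bot: The clamp in the `@@ -225,8 +225,8 @@` hunk limits `cnt`, but the next context line, `cur += l;`, still advances `cur` by the unclamped length, so whenever the clamp fires `cur` and `cnt` stop describing the same position in `strerror_pool`. Any later write through `cur` would then not be bounded by `cnt`; the loop body continues past the hunk, so whether such a write exists is not visible here. Assuming the intended invariant is that `cur` points `cnt` bytes into the pool, deriving it from the clamped value keeps the two in step: replace `cur += l;` with `cur = strerror_pool + cnt;`. A short comment stating that `cnt` is kept below `sizeof(strerror_pool)` so that a remaining-space computation based on it cannot wrap (presumably the underflow the patch name refers to) would also document why the bound is `- 1`.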