[openssl] master update

2019-03-04 Thread Richard Levitte
The branch master has been updated
   via  ff825807bc9bda996058df070f8ec23f7167e1a6 (commit)
  from  ce506d27ab5e7d17dfe3fe649768a0d19b6c86ee (commit)


- Log -
commit ff825807bc9bda996058df070f8ec23f7167e1a6
Author: Richard Levitte 
Date:   Fri Mar 1 14:15:13 2019 +0100

VMS: fix util/[un]local.com.in to handle attributes

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/8382)

---

Summary of changes:
 util/local_shlib.com.in   | 6 +-
 util/unlocal_shlib.com.in | 6 +-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/util/local_shlib.com.in b/util/local_shlib.com.in
index b3484e1..2e2eaa6 100644
--- a/util/local_shlib.com.in
+++ b/util/local_shlib.com.in
@@ -1,7 +1,11 @@
 ${-
+  use File::Spec::Functions qw(rel2abs);
+
+  my $bldtop = rel2abs($config{builddir});
   our %names = ( map { platform->sharedname($_) =>
$bldtop.platform->sharedlib($_) }
- @{$unified_info{install}->{libraries}} );
+ grep { !$unified_info{attributes}->{$_}->{noinst} }
+ @{$unified_info{libraries}} );
   "" -}
 $   ! Create a local environment with the shared library logical names
 $   ! properly set.  Undo this with unlocal_shlib.com
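Review bot: The added filter `grep { !$unified_info{attributes}->{$_}->{noinst} }` dereferences two levels for every library, so Perl autovivifies an empty `$unified_info{attributes}->{$lib}` entry for each library that had none, which mutates the shared build data from inside a template. Guarding the first level keeps the filter read-only: `grep { !($unified_info{attributes}->{$_} // {})->{noinst} }`. The identical block added to util/unlocal_shlib.com.in in the next hunk has the same issue, and since both templates must compute the same `%names` for the undo to match, the shared expression would be safer kept in one place.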
diff --git a/util/unlocal_shlib.com.in b/util/unlocal_shlib.com.in
index f9ae76b..feade87 100644
--- a/util/unlocal_shlib.com.in
+++ b/util/unlocal_shlib.com.in
@@ -1,7 +1,11 @@
 ${-
+  use File::Spec::Functions qw(rel2abs);
+
+  my $bldtop = rel2abs($config{builddir});
   our %names = ( map { platform->sharedname($_) =>
$bldtop.platform->sharedlib($_) }
- @{$unified_info{install}->{libraries}} );
+ grep { !$unified_info{attributes}->{$_}->{noinst} }
+ @{$unified_info{libraries}} );
   "" -}
 $   ! Remove the local environment created by local_shlib.com
 $


[openssl] master update

2019-03-04 Thread Richard Levitte
The branch master has been updated
   via  ce506d27ab5e7d17dfe3fe649768a0d19b6c86ee (commit)
   via  9b542d72d2e7d4893a11b2e87628d9ac8637b954 (commit)
  from  469ce8ff48ef06b2e508d0c06a42ec86379b0032 (commit)


- Log -
commit ce506d27ab5e7d17dfe3fe649768a0d19b6c86ee
Author: Richard Levitte 
Date:   Sun Mar 3 10:27:10 2019 +0100

testutil: ensure good treatment of argv on non-Unix platforms

From a Unix point of view, some other platform families have certain
quirks.  Windows command prompt doesn't expand globs into actual file
names, so we must do this.  VMS has some oddity with argv pointer size
that can cause crashes if you're not careful (by copying it to a less
surprising pointer size array).

The fixups already exist and are used in the apps/ code.  However, the
testutil code started using the opt routines from apps/ without
including the non-Unix fixups.  This change fixes that.

For VMS' sake, libtestutil gets an app_malloc() shim, to avoid sucking
in all of apps/apps.c.

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8381)

commit 9b542d72d2e7d4893a11b2e87628d9ac8637b954
Author: Richard Levitte 
Date:   Sun Mar 3 10:20:37 2019 +0100

VMS: move copy_argc to its own module and make it an aux source

copy_argv was never initialization code.

Make it self-cleaning too.

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8381)

---

Summary of changes:
 Configurations/10-main.conf  |  2 +-
 apps/include/apps.h  | 13 +--
 apps/include/platform.h  | 32 +
 apps/openssl.c   |  4 +--
 apps/vms_decc_argv.c | 67 
 apps/vms_decc_init.c | 38 
 test/build.info  |  5 ++-
 test/testutil/{init.c => apps_mem.c} | 12 ---
 test/testutil/driver.c   | 12 +++
 9 files changed, 126 insertions(+), 59 deletions(-)
 create mode 100644 apps/include/platform.h
 create mode 100644 apps/vms_decc_argv.c
 copy test/testutil/{init.c => apps_mem.c} (53%)

diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index 8b758a0..0e3afd3 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -1725,7 +1725,7 @@ my %targets = (
 
 disable  => add('pinshared'),
 
-apps_aux_src => "vms_term_sock.c",
+apps_aux_src => "vms_term_sock.c vms_decc_argv.c",
 apps_init_src=> "vms_decc_init.c",
 },
 
diff --git a/apps/include/apps.h b/apps/include/apps.h
index da8eae2..59e3e92 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -32,6 +32,7 @@
 # include "apps_ui.h"
 # include "opt.h"
 # include "fmt.h"
+# include "platform.h"
 
 # if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE)
 #  define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
@@ -97,18 +98,6 @@ typedef struct args_st {
 char **argv;
 } ARGS;
 
-/*
- * VMS C only for now, implemented in vms_decc_init.c
- * If other C compilers forget to terminate argv with NULL, this function
- * can be re-used.
- */
-char **copy_argv(int *argc, char *argv[]);
-/*
- * Win32-specific argv initialization that splits OS-supplied UNICODE
- * command line string to array of UTF8-encoded strings.
- */
-void win32_utf8argv(int *argc, char **argv[]);
-
 /* We need both wrap and the "real" function because libcrypto uses both. */
 int wrap_password_callback(char *buf, int bufsiz, int verify, void *cb_data);
 
diff --git a/apps/include/platform.h b/apps/include/platform.h
new file mode 100644
index 000..49276b6
--- /dev/null
+++ b/apps/include/platform.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_PLATFORM_H
+# define HEADER_PLATFORM_H
+
+# include 
+
+# if defined(OPENSSL_SYS_VMS) && defined(__DECC)
+/*
+ * VMS C only for now, implemented in vms_decc_init.c
+ * If other C compilers forget to terminate argv with NULL, this function
+ * can be re-used.
+ */
+char **copy_argv(int *argc, char *argv[]);
+# endif
+
+# ifdef _WIN32
+/*
+ * Win32-specific argv initialization that splits OS-supplied UNICODE
+ * command line string to array of UTF8-encoded strings.
+ */
+void win32_utf8argv(int *argc, char **argv[]);
+# endif
+
+#endif
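Review bot: The comment above `copy_argv` still says "implemented in vms_decc_init.c", but this commit's diffstat creates apps/vms_decc_argv.c and the log says copy_argv moves to its own module, so the comment is stale in this new header. I would change that line to `* VMS C only for now, implemented in vms_decc_argv.c`. The log also calls the function "self-cleaning", which suggests callers must not free the returned array. If that reading is right (the implementation is not in this hunk), the declaration comment should state who owns the result.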
diff --git a/apps/openssl.c b/apps/openssl.c
index 3747b1a..6b63b36 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -121,7 +121,6 @@ int main(int argc, 

[openssl] master update

2019-03-04 Thread Richard Levitte
The branch master has been updated
   via  469ce8ff48ef06b2e508d0c06a42ec86379b0032 (commit)
  from  e3b35d2b29e9446af83fcaa534e67e7b04a60d7a (commit)


- Log -
commit 469ce8ff48ef06b2e508d0c06a42ec86379b0032
Author: Richard Levitte 
Date:   Fri Mar 1 13:18:11 2019 +0100

Deprecate the "hw" configuration options, make "padlockeng" disablable

The "hw" and "hw-.*" style options are historical artifacts, sprung
from the time when ENGINE was first designed, with hardware crypto
accelerators and HSMs in mind.

Today, these options have largely lost their value, replaced by
options such as "no-{foo}eng" and "no-engine".

This completes the transition by making "hw" and "hw-.*" deprecated,
but automatically translated into more modern variants of the same.

In the process, we get rid of the last regular expression in
Configure's @disablables, a feature that was ill supported anyway.
Also, padlock now gets treated just as every other engine.

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/8380)

---

Summary of changes:
 Configure   |  21 +--
 INSTALL |   8 ++--
 crypto/init.c   |   4 +-
 engines/build.info  |  30 ---
 engines/e_padlock.c | 103 +---
 5 files changed, 90 insertions(+), 76 deletions(-)

diff --git a/Configure b/Configure
index 0e0e115..0c9037b 100755
--- a/Configure
+++ b/Configure
@@ -374,7 +374,6 @@ my @disablables = (
 "fuzz-afl",
 "gost",
 "heartbeats",
-"hw(-.+)?",
 "idea",
 "makedepend",
 "md2",
@@ -386,6 +385,7 @@ my @disablables = (
 "pinshared",
 "ocb",
 "ocsp",
+"padlockeng",
 "pic",
 "poly1305",
 "posix-io",
@@ -434,6 +434,8 @@ foreach my $proto ((@tls, @dtls))
 my %deprecated_disablables = (
 "ssl2" => undef,
 "buf-freelists" => undef,
+"hw" => "hw",   # causes cascade, but no macro
+"hw-padlock" => "padlockeng",
 "ripemd" => "rmd160",
 "ui" => "ui-console",
 );
@@ -495,7 +497,9 @@ my @disable_cascades = (
 # Without position independent code, there can be no shared libraries or 
DSOs
 "pic"   => [ "shared" ],
 "shared"=> [ "dynamic-engine" ],
-"engine"=> [ "afalgeng", "devcryptoeng" ],
+
+"engine"=> [ grep /eng$/, @disablables ],
+"hw"=> [ "padlockeng" ],
 
 # no-autoalginit is only useful when building non-shared
 "autoalginit"   => [ "shared", "apps" ],
@@ -674,8 +678,9 @@ while (@argvcopy)
 if (/^(no|disable|enable)-(.+)$/)
 {
 my $word = $2;
-if (!exists $deprecated_disablables{$word}
-&& !grep { $word =~ /^${_}$/ } @disablables)
+if ($word !~ m|hw(?:-.+)| # special treatment for hw regexp opt
+&& !exists $deprecated_disablables{$word}
+&& !grep { $word eq $_ } @disablables)
 {
 $unsupported_options{$_} = 1;
 next;
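Review bot: The new pattern `m|hw(?:-.+)|` is unanchored, so any option word that merely contains `hw-` followed by another character (a mistyped `no-xhw-foo`, say) now skips the unsupported-option check, whereas the removed `"hw(-.+)?"` entry was matched with `/^${_}$/`. Anchoring restores the old strictness: `if ($word !~ m|^hw-.+$|`. The same unanchored pattern appears in the `elsif ($1 =~ m|hw(?:-.+)|)` branch of the next hunk, where it marks the option as deprecated, and should be changed with it. The option-parsing loop starts and ends outside the hunk.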
@@ -729,6 +734,10 @@ while (@argvcopy)
 $disabled{$deprecated_disablables{$1}} = 
"option";
 }
 }
+elsif ($1 =~ m|hw(?:-.+)|) # deprecate hw options in regexp 
form
+{
+$deprecated_options{$_} = 1;
+}
 else
 {
 $disabled{$1} = "option";
@@ -1193,6 +1202,10 @@ $config{build_file} = env('BUILDFILE') || 
$target{build_file} || "Makefile";
 my %skipdir = ();
 my %disabled_info = (); # For configdata.pm
 foreach my $what (sort keys %disabled) {
+# There are deprecated disablables that translate to themselves.
+# They cause disabling cascades, but should otherwise not regiter.
+next if $deprecated_disablables{$what};
+
 $config{options} .= " no-$what";
 
 if (!grep { $what eq $_ } ( 'dso', 'threads', 'shared', 'pic',
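Review bot: `next if $deprecated_disablables{$what};` tests only that the mapping is truthy, while the comment above it describes entries that translate to themselves. It would equally skip a `%disabled` key such as `ripemd` or `ui` if one ever ended up there. Comparing against the key states the intent exactly: `next if ($deprecated_disablables{$what} // '') eq $what;`. The comment also has a typo, `regiter` for `register`. The `foreach` body continues outside the hunk.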
diff --git a/INSTALL b/INSTALL
index 1195643..be0ce9d 100644
--- a/INSTALL
+++ b/INSTALL
@@ -396,9 +396,6 @@
available if the GOST algorithms are also available through
loading an externally supplied engine.
 
-  no-hw-padlock
-   Don't build the padlock engine.
-
   no-makedepend
Don't generate dependencies.
 
@@ -413,6 +410,11 @@
   no-ocsp
Don't build support for OCSP.
 
+  no-padlockeng
+  no-hw-padlock
+   Don't build the padlock engine.
+   ('no-hw-padlock' is deprecated and should not be used)
+
   no-pic
Don't build 

Build completed: openssl master.23109

2019-03-04 Thread AppVeyor


Build openssl master.23109 completed



Commit 5d05b4f4d2 by Richard Levitte on 3/4/2019 11:34 PM:

fixup! Add provider tests





Build failed: openssl master.23108

2019-03-04 Thread AppVeyor



Build openssl master.23108 failed


Commit f0684eb0d5 by Richard Levitte on 3/4/2019 10:47 PM:

fixup! RL fixups





Build failed: openssl master.23107

2019-03-04 Thread AppVeyor



Build openssl master.23107 failed


Commit b2cda51791 by Richard Levitte on 3/4/2019 10:45 PM:

fixup! Numeric OSSL_PARAM helper functions.





Build failed: openssl master.23103

2019-03-04 Thread AppVeyor



Build openssl master.23103 failed


Commit 643f7d7157 by Richard Levitte on 3/4/2019 9:29 PM:

fixup! test/params_test.c: Add higher level parameter testing





Build completed: openssl master.23097

2019-03-04 Thread AppVeyor


Build openssl master.23097 completed



Commit 35133413c1 by Rich Salz on 3/4/2019 7:55 PM:

Rename params_test to params_api_test





Build failed: openssl master.23096

2019-03-04 Thread AppVeyor



Build openssl master.23096 failed


Commit dd4d5cb755 by Richard Levitte on 3/4/2019 7:13 PM:

fixup! test/params_test.c: Add higher level parameter testing





Build failed: openssl master.23095

2019-03-04 Thread AppVeyor



Build openssl master.23095 failed


Commit 3ffec5b148 by Richard Levitte on 3/4/2019 6:33 PM:

fixup! test/params_test.c: Add higher level parameter testing





[web] master update

2019-03-04 Thread Richard Levitte
The branch master has been updated
   via  b221da5e00d3e9304664f605c132a18674a343e5 (commit)
  from  f6f50f59aea1b6ec6d9cf6849a1866dd1db8cb20 (commit)


- Log -
commit b221da5e00d3e9304664f605c132a18674a343e5
Author: Richard Levitte 
Date:   Fri Mar 1 10:11:51 2019 +0100

Don't try to hide section numbers / links in manpages

In previous times, we produced manpages in apps/, crypto/ and ssl/,
and having to deal with links containing '/man{n}/' was only tedious,
so we simply removed the section numbers from the L<> POD codes.

Now that we've switched to regular manpage layout, removing the
section numbers is not necessary any more, and also leads to incorrect
links when the L<> code refers to pages in a different man section.

Issue was reported on
[openssl-users](https://marc.info/?l=openssl-users=155138532927266=2).
Thank you Paul Smith

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/web/pull/124)

---

Summary of changes:
 bin/mk-manpages | 22 +++---
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/bin/mk-manpages b/bin/mk-manpages
index bc9c793..efc95b1 100755
--- a/bin/mk-manpages
+++ b/bin/mk-manpages
@@ -41,7 +41,6 @@ sub main {
 #
 #   release => "..."# 
 #   subdir  => "..."# The original subdir
-#   sect=> "..."# Output section subdir
 #   sectnum => n# Default section number
 #
 my %data = (
@@ -52,7 +51,7 @@ sub main {
 );
 # These are for display
 my $podfile = File::Spec->catfile( $subdir, $ent );
-my $incfile = File::Spec->catfile( $data{sect},
+my $incfile = File::Spec->catfile( "man$data{sectnum}",
"$origbase.inc" );
 # These are files we're actually manipulating
 my $inpod = File::Spec->catfile( $srcdir, $podfile );
@@ -68,7 +67,7 @@ sub main {
 foreach my $htmlname (
 map { (my $x = $_) =~ s|/|-|g; $x }
 @{$data{names}}) {
-my $htmlfile = File::Spec->catdir( $data{sect},
+my $htmlfile = File::Spec->catdir( "man$data{sectnum}",
"$htmlname.html" );
 my $outhtml = File::Spec->catfile( $wwwdir, $htmlfile );
 $out = $class->genhtml( $release, $title, $origbase,
@@ -90,7 +89,7 @@ sub genhtml {
 
 
 
-
+
 
 
 
@@ -111,8 +110,8 @@ sub genhtml {
 : Docs
 : Manpages
 : $release
-: $data{sect}
-: $htmlbase
+: man$data{sectnum}
+: $htmlbase
 Sitemap
   
 
@@ -145,18 +144,12 @@ sub geninc {
 my $infile = do { local $/; <$fh>; };
 close( $fh );
 
-# L ==> L
-$infile =~ s/L<[^|>]*\|([^>]+)>/L<$1>/g;
-
-# L --> L
-$infile =~ s/L<([^>]+)\(\d\)>/L<$1>/g;
-
 my $out;
 my $pod = Pod::Simple::XHTML->new;
 $pod->html_h_level(3);
-$pod->perldoc_url_prefix("/docs/man$release/$data{sect}/");
+$pod->perldoc_url_prefix("/docs/man$release/man$data{sectnum}/");
 $pod->perldoc_url_postfix(".html");
-$pod->man_url_prefix("/docs/man$release/$data{sect}/");
+$pod->man_url_prefix("/docs/man$release/man");
 $pod->man_url_postfix(".html");
 $pod->html_header('');
 $pod->html_footer('');
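Review bot: The two URL prefixes are now built differently: `perldoc_url_prefix` ends in `man$data{sectnum}/` while `man_url_prefix` ends in a bare `man`, and nothing in geninc says why. As far as I know, Pod::Simple::XHTML appends the section number and a slash to the man prefix itself, so a short comment would stop a later reader from "fixing" it: `# Pod::Simple::XHTML appends "<section>/" to man_url_prefix, so it must end in "man"`. The string `"man$data{sectnum}"` is also spelled out in several hunks of this file now that `$data{sect}` is gone, so a single local would keep them from drifting apart. geninc starts and ends outside the hunk.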
@@ -183,7 +176,6 @@ sub getdata {
 s/\n/ /gm;
 if (/^=for comment openssl_manual_section:\s*(\d+)/) {
 $data{sectnum} = "$1";
-$data{sect} = "man$1";
 }
 elsif (/^=head1\s/) {
 $foundname = 0;


Build failed: openssl master.23094

2019-03-04 Thread AppVeyor



Build openssl master.23094 failed


Commit aed44f0b70 by Richard Levitte on 3/4/2019 4:22 PM:

test/params_test.c: Add higher level parameter testing





SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm3

2019-03-04 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm3

Commit log since last time:

38023b87f0 Fix seeding from random device w/o getrandom syscall
ed86f884ba Fix no-ec, no-sm2 and no-sm3
cc838ee2d6 Add section order check in util/find-doc-nits
4564e77ae9 Place return values after examples in doc


SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm2

2019-03-04 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-sm2

Commit log since last time:

38023b87f0 Fix seeding from random device w/o getrandom syscall
ed86f884ba Fix no-ec, no-sm2 and no-sm3
cc838ee2d6 Add section order check in util/find-doc-nits
4564e77ae9 Place return values after examples in doc


Still Failing: openssl/openssl#23688 (OpenSSL_1_1_1-stable - 99f0c7a)

2019-03-04 Thread Travis CI
Build Update for openssl/openssl
-

Build: #23688
Status: Still Failing

Duration: 29 mins and 29 secs
Commit: 99f0c7a (OpenSSL_1_1_1-stable)
Author: Vitezslav Cizek
Message: openssl_strerror_r: Fix handling of GNU strerror_r

GNU strerror_r may return either a pointer to a string that the function
stores in buf, or a pointer to some (immutable) static string in which case
buf is unused.

In such a case we need to set buf manually.

Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/8371)

(cherry picked from commit e3b35d2b29e9446af83fcaa534e67e7b04a60d7a)

View the changeset: 
https://github.com/openssl/openssl/compare/c352bd07ed2f...99f0c7a8a699

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/501415647?utm_medium=notification_source=email




Still Failing: openssl/openssl#23687 (master - e3b35d2)

2019-03-04 Thread Travis CI
Build Update for openssl/openssl
-

Build: #23687
Status: Still Failing

Duration: 19 mins and 7 secs
Commit: e3b35d2 (master)
Author: Vitezslav Cizek
Message: openssl_strerror_r: Fix handling of GNU strerror_r

GNU strerror_r may return either a pointer to a string that the function
stores in buf, or a pointer to some (immutable) static string in which case
buf is unused.

In such a case we need to set buf manually.

Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/8371)

View the changeset: 
https://github.com/openssl/openssl/compare/68ad17e87467...e3b35d2b29e9

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/501415584?utm_medium=notification_source=email




[openssl] master update

2019-03-04 Thread Matt Caswell
The branch master has been updated
   via  e3b35d2b29e9446af83fcaa534e67e7b04a60d7a (commit)
  from  68ad17e87467e93eab87fc2fce0da53d6a7653cc (commit)


- Log -
commit e3b35d2b29e9446af83fcaa534e67e7b04a60d7a
Author: Vitezslav Cizek 
Date:   Thu Feb 28 13:47:18 2019 +0100

openssl_strerror_r: Fix handling of GNU strerror_r

GNU strerror_r may return either a pointer to a string that the function
stores in buf, or a pointer to some (immutable) static string in which case
buf is unused.

In such a case we need to set buf manually.

Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/8371)

---

Summary of changes:
 crypto/o_str.c | 25 ++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/crypto/o_str.c b/crypto/o_str.c
index 02578db..3b271e7 100644
--- a/crypto/o_str.c
+++ b/crypto/o_str.c
@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t 
buflen)
 #if defined(_MSC_VER) && _MSC_VER>=1400
 return !strerror_s(buf, buflen, errnum);
 #elif defined(_GNU_SOURCE)
-return strerror_r(errnum, buf, buflen) != NULL;
+char *err;
+
+/*
+ * GNU strerror_r may not actually set buf.
+ * It can return a pointer to some (immutable) static string in which case
+ * buf is left unused.
+ */
+err = strerror_r(errnum, buf, buflen);
+if (err == NULL)
+return 0;
+/*
+ * If err is statically allocated, err != buf and we need to copy the data.
+ * If err points somewhere inside buf, OPENSSL_strlcpy can handle this,
+ * since src and dest are not annotated with __restrict and the function
+ * reads src byte for byte and writes to dest.
+ * If err == buf we do not have to copy anything.
+ */
+if (err != buf)
+OPENSSL_strlcpy(buf, err, buflen);
+return 1;
 #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \
   (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600)
 /*
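Review bot: The GNU branch returns 1 without checking `buflen`, whereas the fallback branch at the end of the function rejects `buflen < 2`. With `buflen == 0` and a static string returned by strerror_r, `OPENSSL_strlcpy` has nowhere to write (assuming strlcpy semantics), so the caller gets success with `buf` untouched and unterminated. Adding the same guard before the call, `if (buflen < 2) return 0;`, would make the branches agree. Separately, a message longer than the buffer is truncated silently; if callers care, the return value of `OPENSSL_strlcpy` could be compared with `buflen`. The cherry-pick to OpenSSL_1_1_1-stable further down this page carries the same code, and the function body starts before and continues after this hunk.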
@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
 return !strerror_r(errnum, buf, buflen);
 #else
 char *err;
+
 /* Fall back to non-thread safe strerror()...its all we can do */
 if (buflen < 2)
 return 0;
@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
 /* Can this ever happen? */
 if (err == NULL)
 return 0;
-strncpy(buf, err, buflen - 1);
-buf[buflen - 1] = '\0';
+OPENSSL_strlcpy(buf, err, buflen);
 return 1;
 #endif
 }


[openssl] OpenSSL_1_1_1-stable update

2019-03-04 Thread Matt Caswell
The branch OpenSSL_1_1_1-stable has been updated
   via  99f0c7a8a6999e2f78fc065e4da78643ae14c14c (commit)
  from  c352bd07ed2ff872876534c950a6968d75ef121e (commit)


- Log -
commit 99f0c7a8a6999e2f78fc065e4da78643ae14c14c
Author: Vitezslav Cizek 
Date:   Thu Feb 28 13:47:18 2019 +0100

openssl_strerror_r: Fix handling of GNU strerror_r

GNU strerror_r may return either a pointer to a string that the function
stores in buf, or a pointer to some (immutable) static string in which case
buf is unused.

In such a case we need to set buf manually.

Reviewed-by: Bernd Edlinger 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/8371)

(cherry picked from commit e3b35d2b29e9446af83fcaa534e67e7b04a60d7a)

---

Summary of changes:
 crypto/o_str.c | 25 ++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/crypto/o_str.c b/crypto/o_str.c
index a835769..437e45a 100644
--- a/crypto/o_str.c
+++ b/crypto/o_str.c
@@ -223,7 +223,26 @@ int openssl_strerror_r(int errnum, char *buf, size_t 
buflen)
 #if defined(_MSC_VER) && _MSC_VER>=1400
 return !strerror_s(buf, buflen, errnum);
 #elif defined(_GNU_SOURCE)
-return strerror_r(errnum, buf, buflen) != NULL;
+char *err;
+
+/*
+ * GNU strerror_r may not actually set buf.
+ * It can return a pointer to some (immutable) static string in which case
+ * buf is left unused.
+ */
+err = strerror_r(errnum, buf, buflen);
+if (err == NULL)
+return 0;
+/*
+ * If err is statically allocated, err != buf and we need to copy the data.
+ * If err points somewhere inside buf, OPENSSL_strlcpy can handle this,
+ * since src and dest are not annotated with __restrict and the function
+ * reads src byte for byte and writes to dest.
+ * If err == buf we do not have to copy anything.
+ */
+if (err != buf)
+OPENSSL_strlcpy(buf, err, buflen);
+return 1;
 #elif (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) || \
   (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE >= 600)
 /*
@@ -234,6 +253,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
 return !strerror_r(errnum, buf, buflen);
 #else
 char *err;
+
 /* Fall back to non-thread safe strerror()...its all we can do */
 if (buflen < 2)
 return 0;
@@ -241,8 +261,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
 /* Can this ever happen? */
 if (err == NULL)
 return 0;
-strncpy(buf, err, buflen - 1);
-buf[buflen - 1] = '\0';
+OPENSSL_strlcpy(buf, err, buflen);
 return 1;
 #endif
 }


Still Failing: openssl/openssl#23686 (master - 68ad17e)

2019-03-04 Thread Travis CI
Build Update for openssl/openssl
-

Build: #23686
Status: Still Failing

Duration: 18 mins and 15 secs
Commit: 68ad17e (master)
Author: Pauli
Message: Check for negative return for signature size.Addresses Coverity 1442933

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/8392)

View the changeset: 
https://github.com/openssl/openssl/compare/38023b87f037...68ad17e87467

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/501398690?utm_medium=notification_source=email




[openssl] master update

2019-03-04 Thread Dr . Paul Dale
The branch master has been updated
   via  68ad17e87467e93eab87fc2fce0da53d6a7653cc (commit)
  from  38023b87f037f4b832c236dfce2a76272be08763 (commit)


- Log -
commit 68ad17e87467e93eab87fc2fce0da53d6a7653cc
Author: Pauli 
Date:   Mon Mar 4 13:37:39 2019 +1000

Check for negative return for signature size.Addresses Coverity 1442933

Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/8392)

---

Summary of changes:
 test/ecdsatest.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/test/ecdsatest.c b/test/ecdsatest.c
index 03327a2..761832f 100644
--- a/test/ecdsatest.c
+++ b/test/ecdsatest.c
@@ -205,6 +205,7 @@ static int test_builtin(int n)
 EVP_MD_CTX *mctx = NULL;
 size_t sig_len;
 int nid, ret = 0;
+int temp;
 
 nid = curves[n].nid;
 
@@ -231,9 +232,10 @@ static int test_builtin(int n)
 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey_neg, eckey_neg)))
 goto err;
 
-sig_len = ECDSA_size(eckey);
+temp = ECDSA_size(eckey);
 
-if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
+if (!TEST_int_ge(temp, 0)
+|| !TEST_ptr(sig = OPENSSL_malloc(sig_len = (size_t)temp))
 /* create a signature */
 || !TEST_true(EVP_DigestSignInit(mctx, NULL, NULL, NULL, pkey))
 || !TEST_true(EVP_DigestSign(mctx, sig, _len, tbs, sizeof(tbs)))
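Review bot: `TEST_int_ge(temp, 0)` still lets a zero size through, and a zero from ECDSA_size (which I believe is its error return for an unusable key) would then surface as a failed `OPENSSL_malloc(0)` rather than as a size failure. `!TEST_int_gt(temp, 0)` would report the real cause. The assignment buried in the call argument, `OPENSSL_malloc(sig_len = (size_t)temp)`, is easy to miss when reading the chain, and a name such as `sig_size` instead of `temp` would say what is being checked. The condition chain continues past the end of this hunk.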