gentoo resync : 13.10.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-10-13 22:19:36 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2019-10-14 23:22:23 +0100
commit: 4b19be30aa626b327c885dae62c559ec0e9fb935 (patch)
tree: 76e74807bc479502e13866b581b6bf86734ec634 /dev-libs/openssl/files
parent: 30d6f67c98d149508509d5e86f176d558793acc0 (diff)
2 files changed, 159 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch b/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch
new file mode 100644
index 000000000000..1f195d0384c1
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch
@@ -0,0 +1,107 @@
+From 515c728dbaa92211d2eafb0041ab9fcd258fdc41 Mon Sep 17 00:00:00 2001
+From: Bernd Edlinger <bernd.edlinger@hotmail.de>
+Date: Mon, 9 Sep 2019 19:12:25 +0200
+Subject: [PATCH] Fix potential memory leaks with BN_to_ASN1_INTEGER
+
+Reviewed-by: Paul Dale <paul.dale@oracle.com>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/9833)
+
+(cherry picked from commit f28bc7d386b25fb75625d0c62c6b2e6d21de0d09)
+---
+ crypto/ec/ec_asn1.c     |  7 +++++--
+ crypto/x509v3/v3_asid.c | 26 ++++++++++++++++++++------
+ 2 files changed, 25 insertions(+), 8 deletions(-)
+
+diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
+index 1ce1181fc10..7cbf8de9813 100644
+--- a/crypto/ec/ec_asn1.c
++++ b/crypto/ec/ec_asn1.c
+@@ -446,6 +446,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+     unsigned char *buffer = NULL;
+     const EC_POINT *point = NULL;
+     point_conversion_form_t form;
++    ASN1_INTEGER *orig;
+ 
+     if (params == NULL) {
+         if ((ret = ECPARAMETERS_new()) == NULL) {
+@@ -496,8 +497,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+         ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
+         goto err;
+     }
+-    ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
++    ret->order = BN_to_ASN1_INTEGER(tmp, orig = ret->order);
+     if (ret->order == NULL) {
++        ret->order = orig;
+         ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
+         goto err;
+     }
+@@ -505,8 +507,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+     /* set the cofactor (optional) */
+     tmp = EC_GROUP_get0_cofactor(group);
+     if (tmp != NULL) {
+-        ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
++        ret->cofactor = BN_to_ASN1_INTEGER(tmp, orig = ret->cofactor);
+         if (ret->cofactor == NULL) {
++            ret->cofactor = orig;
+             ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
+             goto err;
+         }
+diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
+index 089f2ae29f0..ef2d64826fb 100644
+--- a/crypto/x509v3/v3_asid.c
++++ b/crypto/x509v3/v3_asid.c
+@@ -256,6 +256,7 @@ static int extract_min_max(ASIdOrRange *aor,
+ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+ {
+     ASN1_INTEGER *a_max_plus_one = NULL;
++    ASN1_INTEGER *orig;
+     BIGNUM *bn = NULL;
+     int i, ret = 0;
+ 
+@@ -298,9 +299,15 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+          */
+         if ((bn == NULL && (bn = BN_new()) == NULL) ||
+             ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+-            !BN_add_word(bn, 1) ||
+-            (a_max_plus_one =
+-             BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
++            !BN_add_word(bn, 1)) {
++            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
++                      ERR_R_MALLOC_FAILURE);
++            goto done;
++        }
++
++        if ((a_max_plus_one =
++                BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
++            a_max_plus_one = orig;
+             X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
+                       ERR_R_MALLOC_FAILURE);
+             goto done;
+@@ -351,6 +358,7 @@ int X509v3_asid_is_canonical(ASIdentifiers *asid)
+ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+ {
+     ASN1_INTEGER *a_max_plus_one = NULL;
++    ASN1_INTEGER *orig;
+     BIGNUM *bn = NULL;
+     int i, ret = 0;
+ 
+@@ -416,9 +424,15 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+          */
+         if ((bn == NULL && (bn = BN_new()) == NULL) ||
+             ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+-            !BN_add_word(bn, 1) ||
+-            (a_max_plus_one =
+-             BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
++            !BN_add_word(bn, 1)) {
++            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
++                      ERR_R_MALLOC_FAILURE);
++            goto done;
++        }
++
++        if ((a_max_plus_one =
++                 BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
++            a_max_plus_one = orig;
+             X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+                       ERR_R_MALLOC_FAILURE);
+             goto done;
diff --git a/dev-libs/openssl/files/openssl-1.1.1d-fix-zlib.patch b/dev-libs/openssl/files/openssl-1.1.1d-fix-zlib.patch
new file mode 100644
index 000000000000..5d2f923a4872
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1d-fix-zlib.patch
@@ -0,0 +1,52 @@
+From 86ed78676c660b553696cc10c682962522dfeb6c Mon Sep 17 00:00:00 2001
+From: Tomas Mraz <tmraz@fedoraproject.org>
+Date: Thu, 12 Sep 2019 12:27:36 +0200
+Subject: [PATCH] BIO_f_zlib: Properly handle BIO_CTRL_PENDING and
+ BIO_CTRL_WPENDING calls.
+
+There can be data to write in output buffer and data to read that were
+not yet read in the input stream.
+
+Fixes #9866
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/9877)
+
+(cherry picked from commit 6beb8b39ba8e4cb005c1fcd2586ba19e17f04b95)
+---
+ crypto/comp/c_zlib.c | 22 ++++++++++++++++++++++
+ 1 file changed, 22 insertions(+)
+
+diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
+index d688deee5f2..7c1be358fd7 100644
+--- a/crypto/comp/c_zlib.c
++++ b/crypto/comp/c_zlib.c
+@@ -598,6 +598,28 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr)
+         BIO_copy_next_retry(b);
+         break;
+ 
++    case BIO_CTRL_WPENDING:
++        if (ctx->obuf == NULL)
++            return 0;
++
++        if (ctx->odone) {
++            ret = ctx->ocount;
++        } else {
++            ret = ctx->ocount;
++            if (ret == 0)
++                /* Unknown amount pending but we are not finished */
++                ret = 1;
++        }
++        if (ret == 0)
++            ret = BIO_ctrl(next, cmd, num, ptr);
++        break;
++
++    case BIO_CTRL_PENDING:
++        ret = ctx->zin.avail_in;
++        if (ret == 0)
++            ret = BIO_ctrl(next, cmd, num, ptr);
++        break;
++
+     default:
+         ret = BIO_ctrl(next, cmd, num, ptr);
+         break;
author	V3n3RiX <venerix@redcorelinux.org>	2019-10-13 22:19:36 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2019-10-14 23:22:23 +0100
commit	4b19be30aa626b327c885dae62c559ec0e9fb935 (patch)
tree	76e74807bc479502e13866b581b6bf86734ec634 /dev-libs/openssl/files
parent	30d6f67c98d149508509d5e86f176d558793acc0 (diff)