Avoid infinite loop in bio_asn1 state machine
author tb <tb@openbsd.org>
Sat, 4 Mar 2023 11:58:29 +0000 (11:58 +0000)
committer tb <tb@openbsd.org>
Sat, 4 Mar 2023 11:58:29 +0000 (11:58 +0000)
If the BIO_write() in the ASN1_STATE_DATA_COPY state fails, incorrect
error handling will break out of the switch without changing the state,
and the infinite for loop will immediately try the same write again,
which is unlikely to succeed... Clearly this code intended to break out
of the loop instead.

Via OpenSSL 1.1 commit 723f616df81ea05f31407f7417f49eea89bb459a

ok millert

lib/libcrypto/asn1/bio_asn1.c

index 9017786..05bc1f7 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: bio_asn1.c,v 1.17 2022/01/14 08:40:57 tb Exp $ */
+/* $OpenBSD: bio_asn1.c,v 1.18 2023/03/04 11:58:29 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -254,7 +254,7 @@ asn1_bio_write(BIO *b, const char *in , int inl)
                                wrmax = inl;
                        ret = BIO_write(b->next_bio, in, wrmax);
                        if (ret <= 0)
-                               break;
+                               goto done;
                        wrlen += ret;
                        ctx->copylen -= ret;
                        in += ret;
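
Review bot: the target of `goto done` on the failed BIO_write() is outside the visible context, so the return value on this path needs confirming. Because `ret <= 0` is tested before `wrlen += ret`, bytes accepted by an earlier successful write exist only in wrlen; the code at done should report that count when it is non-zero rather than the failing ret, otherwise the caller may resubmit data that b->next_bio already took. A one-line comment on the goto noting that a plain break only leaves the switch and re-enters the for loop would keep this from being simplified back later, and a regression test using a next BIO whose write fails would pin the behaviour.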