From: tb Date: Sat, 4 Mar 2023 11:58:29 +0000 (+0000) Subject: Avoid infinite loop in bio_asn1 state machine X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=e31c4e693ad7f615fef319f9a8fd904b868e4995;p=openbsd Avoid infinite loop in bio_asn1 state machine If the BIO_write() in the ASN1_STATE_DATA_COPY state fails, incorrect error handling will break out of the switch without changing the state, and the infinite for loop will immediately try the same write again, which is unlikely to succeed... Clearly this code intended to break out of the loop instead. Via OpenSSL 1.1 commit 723f616df81ea05f31407f7417f49eea89bb459a ok millert --- diff --git a/lib/libcrypto/asn1/bio_asn1.c b/lib/libcrypto/asn1/bio_asn1.c index 9017786f1f9..05bc1f7ad38 100644 --- a/lib/libcrypto/asn1/bio_asn1.c +++ b/lib/libcrypto/asn1/bio_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_asn1.c,v 1.17 2022/01/14 08:40:57 tb Exp $ */ +/* $OpenBSD: bio_asn1.c,v 1.18 2023/03/04 11:58:29 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -254,7 +254,7 @@ asn1_bio_write(BIO *b, const char *in , int inl) wrmax = inl; ret = BIO_write(b->next_bio, in, wrmax); if (ret <= 0) - break; + goto done; wrlen += ret; ctx->copylen -= ret; in += ret;