From e31c4e693ad7f615fef319f9a8fd904b868e4995 Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 4 Mar 2023 11:58:29 +0000 Subject: [PATCH] Avoid infinite loop in bio_asn1 state machine If the BIO_write() in the ASN1_STATE_DATA_COPY state fails, incorrect error handling will break out of the switch without changing the state, and the infinite for loop will immediately try the same write again, which is unlikely to succeed... Clearly this code intended to break out of the loop instead. Via OpenSSL 1.1 commit 723f616df81ea05f31407f7417f49eea89bb459a ok millert --- lib/libcrypto/asn1/bio_asn1.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libcrypto/asn1/bio_asn1.c b/lib/libcrypto/asn1/bio_asn1.c index 9017786f1f9..05bc1f7ad38 100644 --- a/lib/libcrypto/asn1/bio_asn1.c +++ b/lib/libcrypto/asn1/bio_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_asn1.c,v 1.17 2022/01/14 08:40:57 tb Exp $ */ +/* $OpenBSD: bio_asn1.c,v 1.18 2023/03/04 11:58:29 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -254,7 +254,7 @@ asn1_bio_write(BIO *b, const char *in , int inl) wrmax = inl; ret = BIO_write(b->next_bio, in, wrmax); if (ret <= 0) - break; + goto done; wrlen += ret; ctx->copylen -= ret; in += ret; -- 2.20.1