Fix line continuation check in config parser

Fixes #8038: Previously, line continuation logic did not account for the 'again' flag, which could cause incorrect removal of a backslash character in the middle of a line. This fix ensures that line continuation is correctly handled only when 'again' is false, thus improving the reliability of the configuration parser.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24890)

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index e047746f67642632ebc5e8c7bfa57023c9633da0..b00769202293fcdd55ada71360a11f57294de598 100644 (file)
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -330,7 +330,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 
         v = NULL;
         /* check for line continuation */
-        if (bufnum >= 1) {
+        if (!again && bufnum >= 1) {
             /*
              * If we have bytes and the last char '\\' and second last char
              * is not '\\'