From: Matt Caswell Date: Fri, 5 Nov 2021 13:29:41 +0000 (+0000) Subject: Don't write to the globals ossl_property_true and ossl_property_false X-Git-Tag: openssl-3.2.0-alpha1~3352 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6de9214a5062e9d015c84cbbab681184e16fccaa;p=thirdparty%2Fopenssl.git Don't write to the globals ossl_property_true and ossl_property_false These global variables were previously overwritten with the same value every time we created a new OSSL_LIB_CTX. Instead we preinitialise them with the correct values, and then confirm that settings for each OSSL_LIB_CTX agree with the preinitialised values. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16980) --- diff --git a/crypto/property/property_local.h b/crypto/property/property_local.h index 46c5dbe3cc3..6b85ce1586e 100644 --- a/crypto/property/property_local.h +++ b/crypto/property/property_local.h @@ -34,7 +34,8 @@ struct ossl_property_list_st { OSSL_PROPERTY_DEFINITION properties[1]; }; -extern OSSL_PROPERTY_IDX ossl_property_true, ossl_property_false; +#define OSSL_PROPERTY_TRUE 1 +#define OSSL_PROPERTY_FALSE 2 /* Property string functions */ OSSL_PROPERTY_IDX ossl_property_name(OSSL_LIB_CTX *ctx, const char *s, diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index 3c0a6ff7931..dc35646be2e 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c @@ -19,8 +19,6 @@ #include "property_local.h" #include "e_os.h" -OSSL_PROPERTY_IDX ossl_property_true, ossl_property_false; - DEFINE_STACK_OF(OSSL_PROPERTY_DEFINITION) static const char *skip_space(const char *s) @@ -352,7 +350,7 @@ OSSL_PROPERTY_LIST *ossl_parse_property(OSSL_LIB_CTX *ctx, const char *defn) } else { /* A name alone means a true Boolean */ prop->type = OSSL_PROPERTY_TYPE_STRING; - prop->v.str_val = ossl_property_true; + prop->v.str_val = OSSL_PROPERTY_TRUE; } if (!sk_OSSL_PROPERTY_DEFINITION_push(sk, prop)) @@ -411,7 +409,7 @@ OSSL_PROPERTY_LIST *ossl_parse_query(OSSL_LIB_CTX *ctx, const char *s, /* A name alone is a Boolean comparison for true */ prop->oper = OSSL_PROPERTY_OPER_EQ; prop->type = OSSL_PROPERTY_TYPE_STRING; - prop->v.str_val = ossl_property_true; + prop->v.str_val = OSSL_PROPERTY_TRUE; goto skip_value; } if (!parse_value(ctx, &s, prop, create_values)) @@ -485,9 +483,9 @@ int ossl_property_match_count(const OSSL_PROPERTY_LIST *query, return -1; } else if (q[i].type != OSSL_PROPERTY_TYPE_STRING || (oper == OSSL_PROPERTY_OPER_EQ - && q[i].v.str_val != ossl_property_false) + && q[i].v.str_val != OSSL_PROPERTY_FALSE) || (oper == OSSL_PROPERTY_OPER_NE - && q[i].v.str_val == ossl_property_false)) { + && q[i].v.str_val == OSSL_PROPERTY_FALSE)) { if (!q[i].optional) return -1; } else { @@ -560,9 +558,13 @@ int ossl_property_parse_init(OSSL_LIB_CTX *ctx) if (ossl_property_name(ctx, predefined_names[i], 1) == 0) goto err; - /* Pre-populate the two Boolean values */ - if ((ossl_property_true = ossl_property_value(ctx, "yes", 1)) == 0 - || (ossl_property_false = ossl_property_value(ctx, "no", 1)) == 0) + /* + * Pre-populate the two Boolean values. We must do them before any other + * values and in this order so that we get the same index as the global + * OSSL_PROPERTY_TRUE and OSSL_PROPERTY_FALSE values + */ + if ((ossl_property_value(ctx, "yes", 1) != OSSL_PROPERTY_TRUE) + || (ossl_property_value(ctx, "no", 1) != OSSL_PROPERTY_FALSE)) goto err; return 1; diff --git a/crypto/property/property_query.c b/crypto/property/property_query.c index 1352bc009ee..28cc704840a 100644 --- a/crypto/property/property_query.c +++ b/crypto/property/property_query.c @@ -75,8 +75,8 @@ int ossl_property_is_enabled(OSSL_LIB_CTX *ctx, const char *property_name, return 0; return (prop->type == OSSL_PROPERTY_TYPE_STRING && ((prop->oper == OSSL_PROPERTY_OPER_EQ - && prop->v.str_val == ossl_property_true) + && prop->v.str_val == OSSL_PROPERTY_TRUE) || (prop->oper == OSSL_PROPERTY_OPER_NE - && prop->v.str_val != ossl_property_true))); + && prop->v.str_val != OSSL_PROPERTY_TRUE))); }