git.ipfire.org Git - thirdparty/openssl.git/commit

author	Neil Horman <nhorman@openssl.org>
	Thu, 30 Nov 2023 19:28:09 +0000 (14:28 -0500)
committer	Neil Horman <nhorman@openssl.org>
	Sat, 30 Dec 2023 14:10:59 +0000 (09:10 -0500)
commit	5e4c3f2b3911b61a0e77b63e1e63f80c7581fb96
tree	f79ad0de1e65857fed77fcf5dadfbf6065bc4cb9	tree
parent	ebcfd7ac78b7175f01cd5e82bfa932bcb8f21633	commit \| diff

Detect and prevent recursive config parsing

If a malformed config file is provided such as the following:

openssl_conf = openssl_init
[openssl_init]
providers = provider_sect
[provider_sect]
= provider_sect

The config parsing library will crash overflowing the stack, as it
recursively parses the same provider_sect ad nauseum.

Prevent this by maintaing a list of visited nodes as we recurse through
referenced sections, and erroring out in the event we visit any given
section node more than once.

Note, adding the test for this revealed that our diagnostic code
inadvertently pops recorded errors off the error stack because
provider_conf_load returns success even in the event that a
configuration parse failed. The call path to provider_conf_load has been
updated in this commit to address that shortcoming, allowing recorded
errors to be visibile to calling applications.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/23120)

crypto/conf/conf_err.c		diff \| blob \| blame \| history
crypto/err/openssl.txt		diff \| blob \| blame \| history
crypto/provider_conf.c		diff \| blob \| blame \| history
include/openssl/conferr.h		diff \| blob \| blame \| history
test/prov_config_test.c		diff \| blob \| blame \| history
test/recipes/30-test_prov_config.t		diff \| blob \| blame \| history
test/recursive.cnf	[new file with mode: 0644]	blob