From: Matt Caswell Date: Thu, 3 Sep 2020 14:56:05 +0000 (+0100) Subject: Fix safestack issues in asn1t.h X-Git-Tag: openssl-3.0.0-alpha7~257 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0b282540158bc4a7a291af7427a8da76f0a4980a;p=thirdparty%2Fopenssl.git Fix safestack issues in asn1t.h Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12781) --- diff --git a/.gitignore b/.gitignore index 0cad330e0a0..535792bd74a 100644 --- a/.gitignore +++ b/.gitignore @@ -23,6 +23,7 @@ /crypto/buildinf.h /include/crypto/*_conf.h /include/openssl/asn1.h +/include/openssl/asn1t.h /include/openssl/cmp.h /include/openssl/cms.h /include/openssl/configuration.h diff --git a/build.info b/build.info index 01e26704ef1..8f7f9f83959 100644 --- a/build.info +++ b/build.info @@ -14,6 +14,7 @@ DEPEND[libssl]=libcrypto # Empty DEPEND "indices" means the dependencies are expected to be built # unconditionally before anything else. DEPEND[]=include/openssl/asn1.h \ + include/openssl/asn1t.h \ include/openssl/cmp.h \ include/openssl/cms.h \ include/openssl/configuration.h \ @@ -33,6 +34,7 @@ DEPEND[]=include/openssl/asn1.h \ doc/man7/openssl_user_macros.pod GENERATE[include/openssl/asn1.h]=include/openssl/asn1.h.in +GENERATE[include/openssl/asn1t.h]=include/openssl/asn1t.h.in GENERATE[include/openssl/cmp.h]=include/openssl/cmp.h.in GENERATE[include/openssl/cms.h]=include/openssl/cms.h.in GENERATE[include/openssl/configuration.h]=include/openssl/configuration.h.in diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 379d1e6ee1f..740707f8538 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -17,8 +17,6 @@ #include "internal/numbers.h" #include "asn1_local.h" -DEFINE_STACK_OF(ASN1_VALUE) - /* * Constructed types with a recursive definition (such as can be found in PKCS7) * could eventually exceed the stack given malicious input with excessive diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c index 9bd2099c5ee..3a5b29f37d5 100644 --- a/crypto/asn1/tasn_fre.c +++ b/crypto/asn1/tasn_fre.c @@ -13,8 +13,6 @@ #include #include "asn1_local.h" -DEFINE_STACK_OF(ASN1_VALUE) - /* Free up an ASN1 structure */ void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it) diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c index 48ba9f3f742..5bdcf461a52 100644 --- a/crypto/asn1/tasn_new.c +++ b/crypto/asn1/tasn_new.c @@ -15,8 +15,6 @@ #include #include "asn1_local.h" -DEFINE_STACK_OF(ASN1_VALUE) - static int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed); static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it, diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index 1a57b2232d2..692bd6566a2 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -16,8 +16,6 @@ #include "crypto/asn1.h" #include "x509_local.h" -DEFINE_STACK_OF(ASN1_VALUE) - /* * Maximum length of X509_NAME: much larger than anything we should * ever see in practice. diff --git a/include/openssl/asn1t.h b/include/openssl/asn1t.h.in similarity index 99% rename from include/openssl/asn1t.h rename to include/openssl/asn1t.h.in index 286db9e2eb4..1eebd1f85a0 100644 --- a/include/openssl/asn1t.h +++ b/include/openssl/asn1t.h.in @@ -1,4 +1,6 @@ /* + * {- join("\n * ", @autowarntext) -} + * * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -7,6 +9,10 @@ * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::stackhash qw(generate_stack_macros); +-} + #ifndef OPENSSL_ASN1T_H # define OPENSSL_ASN1T_H # pragma once @@ -880,7 +886,10 @@ DECLARE_ASN1_ITEM(LONG) DECLARE_ASN1_ITEM(ZLONG) # endif -DEFINE_OR_DECLARE_STACK_OF(ASN1_VALUE) +{- + generate_stack_macros("ASN1_VALUE"); +-} + /* Functions used internally by the ASN1 code */