From: Juergen Christ <jchrist@linux.ibm.com>
Date: Wed, 10 Aug 2022 15:59:19 +0000 (+0200)
Subject: Fix asan finding in bio_addr
X-Git-Tag: openssl-3.2.0-alpha1~2292
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=278b0d8b674eba6f6e1ec51a18c3ccaf8db02701;p=thirdparty%2Fopenssl.git

Fix asan finding in bio_addr

Running test_tfo_cli under asan yields
==166214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700000d57c at pc 0x03ffa004ed86 bp 0x03ffe2977e80 sp 0x03ffe2977668
READ of size 112 at 0x60700000d57c thread T0
    #0 0x3ffa004ed85 in memcpy (/lib64/libasan.so.8+0x4ed85)
    #1 0x3ff9f3615b7 in BIO_ADDR_dup crypto/bio/bio_addr.c:77
[...]
and fails the test.

Fix this by copying the right structure of the union.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18979)
---

diff --git a/crypto/bio/bio_addr.c b/crypto/bio/bio_addr.c
index b9027e684b5..747777a5abf 100644
--- a/crypto/bio/bio_addr.c
+++ b/crypto/bio/bio_addr.c
@@ -74,7 +74,7 @@ BIO_ADDR *BIO_ADDR_dup(const BIO_ADDR *ap)
     if (ap != NULL) {
         ret = BIO_ADDR_new();
         if (ret != NULL)
-            memcpy(ret, ap, sizeof(BIO_ADDR));
+            BIO_ADDR_make(ret, &ap->sa);
     }
     return ret;
 }