From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Mon, 28 Mar 2022 17:28:37 +0000 (-0600)
Subject: Hack in stack over-allocation for OpenSSL async contexts
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=312d28e970dbb3d39ee274da1019ba9e77420440;p=thirdparty%2Ffreeradius-server.git

Hack in stack over-allocation for OpenSSL async contexts
---

diff --git a/src/lib/tls/base.c b/src/lib/tls/base.c
index fe5f8624e87..c577c2f15b1 100644
--- a/src/lib/tls/base.c
+++ b/src/lib/tls/base.c
@@ -204,10 +204,37 @@ int fr_tls_max_threads = 1;
  * @param len to alloc.
  * @return realloc.
  */
-static void *fr_openssl_talloc(size_t len, NDEBUG_UNUSED char const *file, NDEBUG_UNUSED int line)
+static void *fr_openssl_talloc(size_t len, char const *file, NDEBUG_UNUSED int line)
 {
+	static char const *async_file;
 	void *chunk;
 
+	/*
+	 *	Cache the filename pointer for the async_posix.c
+	 *	source file, so we can figure out when we're
+	 *	being asked for stack memory.
+	 *
+	 *	This is terrible, we're basically guessing at the
+	 *	stack size.  OpenSSL 3.1.0 will have proper
+	 *	allocation functions so we can something more
+	 *	sensible.
+	 */
+	if (!async_file) {
+		char const *sep;
+
+		sep = strrchr(file, '/');
+		if (!sep) {
+			sep = file;
+		} else {
+			sep++;
+		}
+		if (strcmp(sep, "async_posix.c") == 0) {
+			async_file = file;
+		alloc_stack:
+			len *= 4;
+		}
+	} else if (file == async_file) goto alloc_stack;
+
 	chunk = talloc_array(ssl_talloc_ctx, uint8_t, len);
 #ifndef NDEBUG
 	talloc_set_name(chunk, "%s:%u", file, line);