From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Wed, 13 Jan 2021 07:51:39 +0000 (+0100)
Subject: Skip BOM when reading the config file
X-Git-Tag: openssl-3.0.0-alpha11~104
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4369a882a565c42673b28c586a5c46a8bca98d17;p=thirdparty%2Fopenssl.git

Skip BOM when reading the config file

Fixes #13840

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13857)
---

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index a7f5677a263..99063eaf68c 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -194,6 +194,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
     BUF_MEM *buff = NULL;
     char *s, *p, *end;
     int again;
+    int first_call = 1;
     long eline = 0;
     char btmp[DECIMAL_SIZE(eline) + 1];
     CONF_VALUE *v = NULL, *tv;
@@ -243,6 +244,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
             goto err;
         p[CONFBUFSIZE - 1] = '\0';
         ii = i = strlen(p);
+        if (first_call) {
+            /* Other BOMs imply unsupported multibyte encoding,
+             * so don't strip them and let the error raise */
+            const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
+
+            if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
+                memmove(p, p + 3, i - 3);
+                p[i - 3] = 0;
+                i -= 3;
+                ii -= 3;
+            }
+            first_call = 0;
+        }
         if (i == 0 && !again) {
             /* the currently processed BIO is NULL or at EOF */
             BIO *parent;