From: erbsland-dev <github@erbsland.dev>
Date: Mon, 15 Jul 2024 10:16:09 +0000 (+0200)
Subject: Fix line continuation check in config parser
X-Git-Tag: openssl-3.1.7~48
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6d676ed969a6492ef076cf1f1330c9bee9c55223;p=thirdparty%2Fopenssl.git

Fix line continuation check in config parser

Fixes #8038: Previously, line continuation logic did not account for the 'again' flag, which could cause incorrect removal of a backslash character in the middle of a line. This fix ensures that line continuation is correctly handled only when 'again' is false, thus improving the reliability of the configuration parser.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24890)

(cherry picked from commit f54e4bc51b78c10dc99a61c087861ee2c11d7a41)
---

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 26686a0ec3d..56870317a22 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -332,7 +332,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
 
         v = NULL;
         /* check for line continuation */
-        if (bufnum >= 1) {
+        if (!again && bufnum >= 1) {
             /*
              * If we have bytes and the last char '\\' and second last char
              * is not '\\'