diff options
author | Tomas Mraz <tmraz@fedoraproject.org> | 2020-11-03 18:51:38 +0100 |
---|---|---|
committer | Tomas Mraz <tmraz@fedoraproject.org> | 2020-11-11 16:06:30 +0100 |
commit | d8701e25239dc3d0c9d871e53873f592420f71d0 (patch) | |
tree | b8168415fea827353d1263c6642b958e46f5ed92 /crypto/conf/conf_def.c | |
parent | 368d9e030fac7355f0d1d24fb5059bf0c848fe4f (diff) |
Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
Also check for malloc failure and do not add '/' when
$OPENSSL_CONF_INCLUDE already ends with directory separator.
Fixes #13302
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
Diffstat (limited to 'crypto/conf/conf_def.c')
-rw-r--r-- | crypto/conf/conf_def.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 63dfaef4d8..dd2d16647a 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -414,12 +414,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) if (!str_copy(conf, psection, &include, p)) goto err; - if (include_dir != NULL) { + if (include_dir != NULL && !ossl_is_absolute_path(include)) { size_t newlen = strlen(include_dir) + strlen(include) + 2; include_path = OPENSSL_malloc(newlen); + if (include_path == NULL) { + CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); + OPENSSL_free(include); + goto err; + } + OPENSSL_strlcpy(include_path, include_dir, newlen); - OPENSSL_strlcat(include_path, "/", newlen); + if (!ossl_ends_with_dirsep(include_path)) + OPENSSL_strlcat(include_path, "/", newlen); OPENSSL_strlcat(include_path, include, newlen); OPENSSL_free(include); } else { |