Avoid memory leaks in TLS
Resolves: rhbz#2144008
This commit is contained in:
Dmitry Belyavskiy
Clemens Lang
parent
6c57fc8dcc
commit
474a112b98
48
0086-avoid-bio-memleak.patch
Normal file
48
0086-avoid-bio-memleak.patch
Normal file
@ -0,0 +1,48 @@
|
||||
From 3d046c4d047a55123beeceffe9f8bae09159445e Mon Sep 17 00:00:00 2001
|
||||
From: yangyangtiantianlonglong <yangtianlong1224@163.com>
|
||||
Date: Wed, 19 Jan 2022 11:19:52 +0800
|
||||
Subject: [PATCH] Fix the same BIO_FLAGS macro definition
|
||||
|
||||
Also add comment to the public header to avoid
|
||||
making another conflict in future.
|
||||
|
||||
Fixes #17545
|
||||
|
||||
Reviewed-by: Paul Dale <pauli@openssl.org>
|
||||
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/17546)
|
||||
|
||||
(cherry picked from commit e278f18563dd3dd67c00200ee30402f48023c6ef)
|
||||
---
|
||||
include/internal/bio.h | 2 +-
|
||||
include/openssl/bio.h.in | 2 ++
|
||||
2 files changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/include/internal/bio.h b/include/internal/bio.h
|
||||
index 2d36a7b980f2..02f7222ab4f1 100644
|
||||
--- a/include/internal/bio.h
|
||||
+++ b/include/internal/bio.h
|
||||
@@ -48,9 +48,9 @@ int bread_conv(BIO *bio, char *data, size_t datal, size_t *read);
|
||||
* BIO_FLAGS_KTLS_TX_CTRL_MSG means we are about to send a ctrl message next.
|
||||
* BIO_FLAGS_KTLS_RX means we are using ktls with this BIO for receiving.
|
||||
*/
|
||||
-# define BIO_FLAGS_KTLS_TX 0x800
|
||||
# define BIO_FLAGS_KTLS_TX_CTRL_MSG 0x1000
|
||||
# define BIO_FLAGS_KTLS_RX 0x2000
|
||||
+# define BIO_FLAGS_KTLS_TX 0x4000
|
||||
|
||||
/* KTLS related controls and flags */
|
||||
# define BIO_set_ktls_flag(b, is_tx) \
|
||||
diff --git a/include/openssl/bio.h.in b/include/openssl/bio.h.in
|
||||
index 2c65b7e1a79b..686dad3099b7 100644
|
||||
--- a/include/openssl/bio.h.in
|
||||
+++ b/include/openssl/bio.h.in
|
||||
@@ -209,6 +209,8 @@ extern "C" {
|
||||
# define BIO_FLAGS_NONCLEAR_RST 0x400
|
||||
# define BIO_FLAGS_IN_EOF 0x800
|
||||
|
||||
+/* the BIO FLAGS values 0x1000 to 0x4000 are reserved for internal KTLS flags */
|
||||
+
|
||||
typedef union bio_addr_st BIO_ADDR;
|
||||
typedef struct bio_addrinfo_st BIO_ADDRINFO;
|
||||
|
||||
@ -166,6 +166,8 @@ Patch78: 0078-Add-FIPS-indicator-parameter-to-HKDF.patch
|
||||
Patch79: 0079-CVE-2022-3602.patch
|
||||
#https://bugzilla.redhat.com/show_bug.cgi?id=2142121
|
||||
Patch85: 0085-FIPS-RSA-disable-shake.patch
|
||||
#https://github.com/openssl/openssl/pull/17546
|
||||
Patch86: 0086-avoid-bio-memleak.patch
|
||||
|
||||
License: ASL 2.0
|
||||
URL: http://www.openssl.org/
|
||||
@ -499,6 +501,8 @@ install -m644 %{SOURCE9} \
|
||||
* Mon Nov 14 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-44
|
||||
- SHAKE-128/256 are not allowed with RSA in FIPS mode
|
||||
Resolves: rhbz#2144010
|
||||
- Avoid memory leaks in TLS
|
||||
Resolves: rhbz#2144008
|
||||
|
||||
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-43
|
||||
- CVE-2022-3602: X.509 Email Address Buffer Overflow
|
||||
|
||||
Loading…
Reference in New Issue
Block a user