Changeset View
Changeset View
Standalone View
Standalone View
crypto/conf/conf_def.c
/* | /* | ||||
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. | ||||
* | * | ||||
* Licensed under the Apache License 2.0 (the "License"). You may not use | * Licensed under the Apache License 2.0 (the "License"). You may not use | ||||
* this file except in compliance with the License. You can obtain a copy | * this file except in compliance with the License. You can obtain a copy | ||||
Context not available. | |||||
char *dirpath = NULL; | char *dirpath = NULL; | ||||
OPENSSL_DIR_CTX *dirctx = NULL; | OPENSSL_DIR_CTX *dirctx = NULL; | ||||
#endif | #endif | ||||
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION | |||||
int numincludes = 0; | |||||
#endif | |||||
if ((buff = BUF_MEM_new()) == NULL) { | if ((buff = BUF_MEM_new()) == NULL) { | ||||
ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB); | ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB); | ||||
Context not available. | |||||
const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE"); | const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE"); | ||||
char *include_path = NULL; | char *include_path = NULL; | ||||
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION | |||||
/* | |||||
* The include processing below can cause the "conf" fuzzer to | |||||
* timeout due to the fuzzer inserting large and complicated | |||||
* includes - with a large amount of time spent in | |||||
* OPENSSL_strlcat/OPENSSL_strcpy. This is not a security | |||||
* concern because config files should never come from untrusted | |||||
* sources. We just set an arbitrary limit on the allowed | |||||
* number of includes when fuzzing to prevent this timeout. | |||||
*/ | |||||
if (numincludes++ > 10) | |||||
goto err; | |||||
#endif | |||||
if (include_dir == NULL) | if (include_dir == NULL) | ||||
include_dir = conf->includedir; | include_dir = conf->includedir; | ||||
Context not available. |