From 142deef717bad843fc04c5afb925bfd9e7dc4305 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 21 Jul 2024 08:44:02 -0400 Subject: [PATCH 1/2] Fixed invariant violation in `MemBio::get_buf` with empty results Pointer arguments to `slice::from_raw_parts` are required to be non-null. (See https://davidben.net/2024/01/15/empty-slices.html for details.) --- openssl/src/bio.rs | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/openssl/src/bio.rs b/openssl/src/bio.rs index 96a63d19c4..1595f89f1b 100644 --- a/openssl/src/bio.rs +++ b/openssl/src/bio.rs @@ -63,7 +63,11 @@ impl MemBio { unsafe { let mut ptr = ptr::null_mut(); let len = ffi::BIO_get_mem_data(self.0, &mut ptr); - slice::from_raw_parts(ptr as *const _ as *const _, len as usize) + if len == 0 { + &[] + } else { + slice::from_raw_parts(ptr as *const _ as *const _, len as usize) + } } } @@ -83,3 +87,14 @@ cfg_if! { } } } + +#[cfg(test)] +mod tests { + use super::MemBio; + + #[test] + fn test_mem_bio_get_buf_empty() { + let b = MemBio::new().unwrap(); + assert_eq!(b.get_buf(), &[]); + } +} From 5ce473b4e56e8c68e11428d2e9fdb0abf984aa59 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 21 Jul 2024 08:59:05 -0400 Subject: [PATCH 2/2] Release openssl v0.10.66 --- openssl/CHANGELOG.md | 9 ++++++++- openssl/Cargo.toml | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/openssl/CHANGELOG.md b/openssl/CHANGELOG.md index d734fbbce6..e3d1045ac0 100644 --- a/openssl/CHANGELOG.md +++ b/openssl/CHANGELOG.md @@ -2,6 +2,12 @@ ## [Unreleased] +## [v0.10.66] - 2024-07-21 + +### Fixed + +- Fixed undefined behavior in `MemBio::get_buf` when the resulting buffer had a length of 0. + ## [v0.10.65] - 2024-07-20 ### Fixed @@ -902,7 +908,8 @@ Look at the [release tags] for information about older releases. -[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.65...master +[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.66...master +[v0.10.66]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.65...openssl-v0.10.66 [v0.10.65]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.64...openssl-v0.10.65 [v0.10.64]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.63...openssl-v0.10.64 [v0.10.63]: https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.62...openssl-v0.10.63 diff --git a/openssl/Cargo.toml b/openssl/Cargo.toml index bb94398288..cc8ef0accc 100644 --- a/openssl/Cargo.toml +++ b/openssl/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "openssl" -version = "0.10.65" +version = "0.10.66" authors = ["Steven Fackler "] license = "Apache-2.0" description = "OpenSSL bindings" pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy