commit 4c08be27c89bfdd213873e502b2db757c263867f
author Robert Sloan <varomodt@google.com> Tue Oct 16 02:03:49 2018 -0700
committer android-build-merger <android-build-merger@google.com> Tue Oct 16 02:03:49 2018 -0700
tree b8a132ee1f4b56cf6ba2937cc52a263a788c9752
parent db2cec72c8121dc082d0c44bc796f1c6f925c0d1
parent 23894f8e9b0b914799a2c8bded6b4eaf39769be6

external/boringssl: Sync to 80aa6949756d327476750f9ea2c9700aa2a027c5.
am: 23894f8e9b

Change-Id: I6c6b235e36183deaadb67dfca98626059c0ed4b2

BORINGSSL_REVISION

diff --git a/BORINGSSL_REVISION b/BORINGSSL_REVISION
index 37d1136..e6c1473 100644
--- a/BORINGSSL_REVISION
+++ b/BORINGSSL_REVISION
@@ -1 +1 @@
-2d98d49cf712ca7dc6f4b23b9c5f5542385d8dbe
+80aa6949756d327476750f9ea2c9700aa2a027c5

src/crypto/bio/bio.c

diff --git a/src/crypto/bio/bio.c b/src/crypto/bio/bio.c
index 881c14e..fe40578 100644
--- a/src/crypto/bio/bio.c
+++ b/src/crypto/bio/bio.c
@@ -61,6 +61,7 @@
 #include <limits.h>
 #include <string.h>
 
+#include <openssl/asn1.h>
 #include <openssl/err.h>
 #include <openssl/mem.h>
 #include <openssl/thread.h>
@@ -481,11 +482,28 @@
   }
 }
 
+// For compatibility with existing |d2i_*_bio| callers, |BIO_read_asn1| uses
+// |ERR_LIB_ASN1| errors.
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_DECODE_ERROR)
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_HEADER_TOO_LONG)
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_NOT_ENOUGH_DATA)
+OPENSSL_DECLARE_ERROR_REASON(ASN1, ASN1_R_TOO_LONG)
+
 int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, size_t max_len) {
   uint8_t header[6];
 
   static const size_t kInitialHeaderLen = 2;
-  if (BIO_read(bio, header, kInitialHeaderLen) != (int) kInitialHeaderLen) {
+  int ret = BIO_read(bio, header, kInitialHeaderLen);
+  if (ret == 0) {
+    // Historically, OpenSSL returned |ASN1_R_HEADER_TOO_LONG| when |d2i_*_bio|
+    // could not read anything. CPython conditions on this to determine if |bio|
+    // was empty.
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_HEADER_TOO_LONG);
+    return 0;
+  }
+
+  if (ret != (int) kInitialHeaderLen) {
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
     return 0;
   }
 
@@ -494,6 +512,7 @@
 
   if ((tag & 0x1f) == 0x1f) {
     // Long form tags are not supported.
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
     return 0;
   }
 
@@ -507,34 +526,41 @@
 
     if ((tag & 0x20 /* constructed */) != 0 && num_bytes == 0) {
       // indefinite length.
-      return bio_read_all(bio, out, out_len, header, kInitialHeaderLen,
-                          max_len);
+      if (!bio_read_all(bio, out, out_len, header, kInitialHeaderLen,
+                        max_len)) {
+        OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
+        return 0;
+      }
+      return 1;
     }
 
     if (num_bytes == 0 || num_bytes > 4) {
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
       return 0;
     }
 
     if (BIO_read(bio, header + kInitialHeaderLen, num_bytes) !=
         (int)num_bytes) {
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
       return 0;
     }
     header_len = kInitialHeaderLen + num_bytes;
 
     uint32_t len32 = 0;
-    unsigned i;
-    for (i = 0; i < num_bytes; i++) {
+    for (unsigned i = 0; i < num_bytes; i++) {
       len32 <<= 8;
       len32 |= header[kInitialHeaderLen + i];
     }
 
     if (len32 < 128) {
       // Length should have used short-form encoding.
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
       return 0;
     }
 
     if ((len32 >> ((num_bytes-1)*8)) == 0) {
       // Length should have been at least one byte shorter.
+      OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR);
       return 0;
     }
 
@@ -544,6 +570,7 @@
   if (len + header_len < len ||
       len + header_len > max_len ||
       len > INT_MAX) {
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG);
     return 0;
   }
   len += header_len;
@@ -551,11 +578,13 @@
 
   *out = OPENSSL_malloc(len);
   if (*out == NULL) {
+    OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
     return 0;
   }
   OPENSSL_memcpy(*out, header, header_len);
   if (BIO_read(bio, (*out) + header_len, len - header_len) !=
       (int) (len - header_len)) {
+    OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA);
     OPENSSL_free(*out);
     return 0;
   }

src/crypto/x509/x509_test.cc

diff --git a/src/crypto/x509/x509_test.cc b/src/crypto/x509/x509_test.cc
index bf0b29a..c42a7c8 100644
--- a/src/crypto/x509/x509_test.cc
+++ b/src/crypto/x509/x509_test.cc
@@ -1671,3 +1671,16 @@
       PEM_X509_INFO_read_bio(bio.get(), infos.get(), nullptr, nullptr));
   EXPECT_EQ(2 * OPENSSL_ARRAY_SIZE(kExpected), sk_X509_INFO_num(infos.get()));
 }
+
+TEST(X509Test, ReadBIOEmpty) {
+  bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(nullptr, 0));
+  ASSERT_TRUE(bio);
+
+  // CPython expects |ASN1_R_HEADER_TOO_LONG| on EOF, to terminate a series of
+  // certificates.
+  bssl::UniquePtr<X509> x509(d2i_X509_bio(bio.get(), nullptr));
+  EXPECT_FALSE(x509);
+  uint32_t err = ERR_get_error();
+  EXPECT_EQ(ERR_LIB_ASN1, ERR_GET_LIB(err));
+  EXPECT_EQ(ASN1_R_HEADER_TOO_LONG, ERR_GET_REASON(err));
+}