From 1f12bf71fecf77c3d0def0fd4211be1dc85a53a1 Mon Sep 17 00:00:00 2001 From: Pauli Date: Tue, 11 May 2021 09:48:22 +1000 Subject: [PATCH] property: create property names more eagerly. User defined property names were not created before the first fetch. The rationale for this was to only maintain the user names defined by providers. This was intended to prevent malicious memory use attacks. Not being able to specify a default query before the first fetch is wrong. This changes the behaviour of the property query parsing to always create property names. Fixes #15218 Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/15222) --- crypto/property/property_parse.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index a41d6331b1..dfae76518f 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c @@ -407,12 +407,12 @@ OSSL_PROPERTY_LIST *ossl_parse_query(OSSL_LIB_CTX *ctx, const char *s, if (match_ch(&s, '-')) { prop->oper = PROPERTY_OVERRIDE; prop->optional = 0; - if (!parse_name(ctx, &s, 0, &prop->name_idx)) + if (!parse_name(ctx, &s, 1, &prop->name_idx)) goto err; goto skip_value; } prop->optional = match_ch(&s, '?'); - if (!parse_name(ctx, &s, 0, &prop->name_idx)) + if (!parse_name(ctx, &s, 1, &prop->name_idx)) goto err; if (match_ch(&s, '=')) {