Skip BOM when reading the config file

Fixes #13840 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13857)
2025-03-31 20:10:45 +08:00 · 2021-01-13 08:51:39 +01:00 · 2021-01-13 08:51:39 +01:00 · 4369a882a5
commit 4369a882a5
parent 5eb24fbd1c
1 changed files with 14 additions and 0 deletions
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@ -194,6 +194,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
    BUF_MEM *buff = NULL;
    char *s, *p, *end;
    int again;
+    int first_call = 1;
    long eline = 0;
    char btmp[DECIMAL_SIZE(eline) + 1];
    CONF_VALUE *v = NULL, *tv;
@ -243,6 +244,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
            goto err;
        p[CONFBUFSIZE - 1] = '\0';
        ii = i = strlen(p);
+        if (first_call) {
+            /* Other BOMs imply unsupported multibyte encoding,
+             * so don't strip them and let the error raise */
+            const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
+
+            if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
+                memmove(p, p + 3, i - 3);
+                p[i - 3] = 0;
+                i -= 3;
+                ii -= 3;
+            }
+            first_call = 0;
+        }
        if (i == 0 && !again) {
            /* the currently processed BIO is NULL or at EOF */
            BIO *parent;