Fix memory overrun in rsa padding check functions

[oweals/openssl.git] / crypto / conf / conf_def.c

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 7f0d70ea695ecfffafcd81812e1f0e96ab06960c..8e3f42a0caca2928824d5e468e098aabd88abbc5 100644 (file)
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -348,10 +348,15 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
                 psection = section;
             }
             p = eat_ws(conf, end);
-            if (strncmp(pname, ".include", 8) == 0 && p != pname + 8) {
+            if (strncmp(pname, ".include", 8) == 0
+                && (p != pname + 8 || *p == '=')) {
                 char *include = NULL;
                 BIO *next;
 
+                if (*p == '=') {
+                    p++;
+                    p = eat_ws(conf, p);
+                }
                 trim_ws(conf, p);
                 if (!str_copy(conf, psection, &include, p))
                     goto err;