build_SYS_str_reasons: Fix a crash caused by overlong locales
authorVitezslav Cizek <vcizek@suse.com>
Tue, 4 Jun 2019 11:24:59 +0000 (13:24 +0200)
committerTomas Mraz <tmraz@fedoraproject.org>
Tue, 4 Jun 2019 11:30:36 +0000 (13:30 +0200)
commita069bdf0aa30299d9cc7f90c50fe252ec39e95ae
tree89fc9c4525b8b6a815320c5964cc2d8153321191
parenta345ce6cb174bfb7c122a942874ae79af294b92e
build_SYS_str_reasons: Fix a crash caused by overlong locales

The 4 kB SPACE_SYS_STR_REASONS in crypto/err/err.c isn't enough for some locales.
The Russian locales consume 6856 bytes, Ukrainian even 7000.

build_SYS_str_reasons() contains an overflow check:

if (cnt > sizeof(strerror_pool))
    cnt = sizeof(strerror_pool);

But since commit 9f15e5b911ba6053e09578f190354568e01c07d7 it no longer
works as cnt is incremented once more after the condition.

cnt greater than sizeof(strerror_pool) results in an unbounded
OPENSSL_strlcpy() in openssl_strerror_r(), eventually causing a crash.

When the first received error string was empty or contained only
spaces, cur would move in front of the start of the strerror_pool.

Also don't call openssl_strerror_r when the pool is full.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8966)

(cherry picked from commit fac9200a881a83bef038ebed628ebd409786a1a6)
crypto/err/err.c