* Invalid signatures created by Alpine, when built with recent

releases of the Openssl-1.1.1 series (but not in the Openssl-1.0.1 series). Fix contributed by Bernd Edlinger.
author: Eduardo Chappa <chappa@washington.edu> 2020-06-27 13:36:47 -0600
committer: Eduardo Chappa <chappa@washington.edu> 2020-06-27 13:36:47 -0600
commit: 529d58309bc7ec042b668a90817eabe4522507e0 (patch)
tree: 0cf0227c547a983b6cecd2ae6abd9056f5d5a153 /pith/smime.c
parent: 40e5221e67e620c84350331aa4f273bcd88d25de (diff)
download: alpine-529d58309bc7ec042b668a90817eabe4522507e0.tar.xz
1 files changed, 7 insertions, 3 deletions
diff --git a/pith/smime.c b/pith/smime.c
index ccaf1066..a2a6a112 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -2488,10 +2488,14 @@ body_to_bio(BODY *body)
     if((len=BIO_ctrl_pending(bio)) > 1){
 	BUF_MEM *biobuf = NULL;
 
+	/* this code used to truncate without closing the bio, and 
+	   then resetting the memory, causing non validation in
+	   signatures. Fix contributed by Bernd Edlinger.
+	 */
 	BIO_get_mem_ptr(bio, &biobuf);
-	if(biobuf){
-	    BUF_MEM_grow(biobuf, len-2);	/* remove CRLF */
-	}
+	BIO_set_close(bio, 0);
+	BUF_MEM_grow(biobuf, len-2);	/* remove CRLF */
+	BIO_set_mem_buf(bio, biobuf, 1);
     }
 
     return bio;
author	Eduardo Chappa <chappa@washington.edu>	2020-06-27 13:36:47 -0600
committer	Eduardo Chappa <chappa@washington.edu>	2020-06-27 13:36:47 -0600
commit	529d58309bc7ec042b668a90817eabe4522507e0 (patch)
tree	0cf0227c547a983b6cecd2ae6abd9056f5d5a153 /pith/smime.c
parent	40e5221e67e620c84350331aa4f273bcd88d25de (diff)
download	alpine-529d58309bc7ec042b668a90817eabe4522507e0.tar.xz