#endif /* OPENSSL_NO_STDIO */\r
\r
#endif /* HEADER_BSS_FILE_C */\r
+Index: crypto/crypto.h\r
+===================================================================\r
+--- crypto/crypto.h (revision 1)\r
++++ crypto/crypto.h (working copy)\r
+@@ -235,15 +235,15 @@\r
+ #ifndef OPENSSL_NO_LOCKING\r
+ #ifndef CRYPTO_w_lock\r
+ #define CRYPTO_w_lock(type) \\r
+- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)\r
+ #define CRYPTO_w_unlock(type) \\r
+- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)\r
++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)\r
+ #define CRYPTO_r_lock(type) \\r
+- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
++ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)\r
+ #define CRYPTO_r_unlock(type) \\r
+- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)\r
++ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)\r
+ #define CRYPTO_add(addr,amount,type) \\r
+- CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)\r
++ CRYPTO_add_lock(addr,amount,type,NULL,0)\r
+ #endif\r
+ #else\r
+ #define CRYPTO_w_lock(a)\r
+@@ -361,19 +361,19 @@\r
+ #define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)\r
+ #define is_MemCheck_on() CRYPTO_is_mem_check_on()\r
+ \r
+-#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)\r
+-#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)\r
++#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)\r
++#define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)\r
+ #define OPENSSL_realloc(addr,num) \\r
+- CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)\r
++ CRYPTO_realloc((char *)addr,(int)num,NULL,0)\r
+ #define OPENSSL_realloc_clean(addr,old_num,num) \\r
+- CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)\r
++ CRYPTO_realloc_clean(addr,old_num,num,NULL,0)\r
+ #define OPENSSL_remalloc(addr,num) \\r
+- CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)\r
++ CRYPTO_remalloc((char **)addr,(int)num,NULL,0)\r
+ #define OPENSSL_freeFunc CRYPTO_free\r
+ #define OPENSSL_free(addr) CRYPTO_free(addr)\r
+ \r
+ #define OPENSSL_malloc_locked(num) \\r
+- CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)\r
++ CRYPTO_malloc_locked((int)num,NULL,0)\r
+ #define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)\r
+ \r
+ \r
+@@ -487,7 +487,7 @@\r
+ long CRYPTO_get_mem_debug_options(void);\r
+ \r
+ #define CRYPTO_push_info(info) \\r
+- CRYPTO_push_info_(info, __FILE__, __LINE__);\r
++ CRYPTO_push_info_(info, NULL, 0);\r
+ int CRYPTO_push_info_(const char *info, const char *file, int line);\r
+ int CRYPTO_pop_info(void);\r
+ int CRYPTO_remove_all_info(void);\r
+@@ -528,17 +528,17 @@\r
+ \r
+ /* die if we have to */\r
+ void OpenSSLDie(const char *file,int line,const char *assertion);\r
+-#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))\r
++#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))\r
+ \r
+ unsigned long *OPENSSL_ia32cap_loc(void);\r
+ #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))\r
+ int OPENSSL_isservice(void);\r
+ \r
+ #ifdef OPENSSL_FIPS\r
+-#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \\r
++#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(NULL, 0, \\r
+ alg " previous FIPS forbidden algorithm error ignored");\r
+ \r
+-#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \\r
++#define FIPS_BAD_ABORT(alg) OpenSSLDie(NULL, 0, \\r
+ #alg " Algorithm forbidden in FIPS mode");\r
+ \r
+ #ifdef OPENSSL_FIPS_STRICT\r
Index: crypto/err/err.c\r
===================================================================\r
--- crypto/err/err.c (revision 1)\r
PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);\r
goto err;\r
}\r
+@@ -173,7 +176,8 @@\r
+ STACK_OF(PKCS7_SIGNER_INFO) *sinfos;\r
+ PKCS7_SIGNER_INFO *si;\r
+ X509_STORE_CTX cert_ctx;\r
+- char buf[4096];\r
++ char *buf = NULL;\r
++ int bufsiz;\r
+ int i, j=0, k, ret = 0;\r
+ BIO *p7bio;\r
+ BIO *tmpin, *tmpout;\r
+@@ -284,10 +288,16 @@\r
+ BIO_set_mem_eof_return(tmpout, 0);\r
+ } else tmpout = out;\r
+ \r
++ bufsiz = 4096;\r
++ buf = OPENSSL_malloc (bufsiz);\r
++ if (buf == NULL) {\r
++ goto err;\r
++ }\r
++\r
+ /* We now have to 'read' from p7bio to calculate digests etc. */\r
+ for (;;)\r
+ {\r
+- i=BIO_read(p7bio,buf,sizeof(buf));\r
++ i=BIO_read(p7bio,buf,bufsiz);\r
+ if (i <= 0) break;\r
+ if (tmpout) BIO_write(tmpout, buf, i);\r
+ }\r
+@@ -326,6 +336,10 @@\r
+ \r
+ sk_X509_free(signers);\r
+ \r
++ if (buf != NULL) {\r
++ OPENSSL_free (buf);\r
++ }\r
++\r
+ return ret;\r
+ }\r
+ \r
Index: crypto/rand/rand_egd.c\r
===================================================================\r
--- crypto/rand/rand_egd.c (revision 1)\r
===================================================================\r
--- crypto/x509/x509_vfy.c (revision 1)\r
+++ crypto/x509/x509_vfy.c (working copy)\r
-@@ -386,7 +386,11 @@\r
- \r
- static int check_chain_extensions(X509_STORE_CTX *ctx)\r
- {\r
--#ifdef OPENSSL_NO_CHAIN_VERIFY\r
-+#if defined(OPENSSL_NO_CHAIN_VERIFY) || defined(OPENSSL_SYS_UEFI)\r
-+ /* \r
-+ NOTE: Bypass KU Flags Checking for UEFI version. There are incorrect KU flag setting\r
-+ in Authenticode Signing Certificates. \r
-+ */\r
- return 1;\r
- #else\r
- int i, ok=0, must_be_ca, plen = 0;\r
-@@ -899,6 +903,10 @@\r
+@@ -899,6 +899,10 @@\r
\r
static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)\r
{\r
time_t *ptime;\r
int i;\r
\r
-@@ -942,6 +950,7 @@\r
+@@ -942,6 +946,7 @@\r
}\r
\r
return 1;\r
projects / mirror_edk2.git / blobdiff