From 401a5de84e5a6c25d512521fec6af1c562b9bad4 Mon Sep 17 00:00:00 2001
From: dongyuzhen
Date: Fri, 22 Sep 2023 07:02:47 +0000
Subject: [PATCH] Backport some upstream patches
---
 ...ereference-occurs-when-memory-alloca.patch | 36 ++++++++++++++++++
 ...t-some-error-bits-in-recently-added-.patch | 37 +++++++++++++++++++
 openssl.spec | 7 +++-
 3 files changed, 79 insertions(+), 1 deletion(-)
 create mode 100644 backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch
 create mode 100644 backport-Make-DH_check-set-some-error-bits-in-recently-added-.patch
diff --git a/backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch b/backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch
new file mode 100644
index 0000000..afd87ba
--- /dev/null
+++ b/backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch
@@ -0,0 +1,36 @@
+From a8da305fa3dd6e34ba5aab3978281f652fd12883 Mon Sep 17 00:00:00 2001
+From: yangyangtiantianlonglong
+Date: Mon, 31 Jul 2023 07:04:41 -0700
+Subject: [PATCH] A null pointer dereference occurs when memory allocation
+ fails
+
+Fixes #21605
+
+Reviewed-by: Hugo Landau
+Reviewed-by: Matthias St. Pierre
+Reviewed-by: Paul Dale
+(Merged from https://github.com/openssl/openssl/pull/21606)
+---
+ ssl/ssl_sess.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
+index cda6b7cc5b..2a5d21be79 100644
+--- a/ssl/ssl_sess.c
++++ b/ssl/ssl_sess.c
+@@ -139,8 +139,11 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
+ dest->references = 1;
+
+ dest->lock = CRYPTO_THREAD_lock_new();
+- if (dest->lock == NULL)
++ if (dest->lock == NULL) {
++ OPENSSL_free(dest);
++ dest = NULL;
+ goto err;
++ }
+
+ if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, dest, &dest->ex_data))
+ goto err;
+-- 
+2.27.0
+
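Review bot: The new `dest->lock == NULL` branch releases `dest` itself instead of falling through to the `err` label the way the `CRYPTO_new_ex_data` failure two lines below does, and nothing in the hunk says why the two error paths differ, so a later "simplification" back to a bare `goto err` would silently reintroduce the crash. Suggested comment on the new branch: `/* dest has no lock yet, so the err path's cleanup cannot run on it; release the bare allocation here */` — the wording about what `err` does is an inference, since the label and the head of ssl_session_dup are outside the hunk. The fix also presumes that nothing owned by `dest` has been allocated before the lock, which is consistent with the visible lines but should be confirmed against the function head in the backported 1.1.1m tree rather than upstream.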
diff --git a/backport-Make-DH_check-set-some-error-bits-in-recently-added-.patch b/backport-Make-DH_check-set-some-error-bits-in-recently-added-.patch
new file mode 100644
index 0000000..271c481
--- /dev/null
+++ b/backport-Make-DH_check-set-some-error-bits-in-recently-added-.patch
@@ -0,0 +1,37 @@
+From eec805ee71356c06f9a86192fa06507c3bb92b09 Mon Sep 17 00:00:00 2001
+From: Bernd Edlinger
+Date: Sun, 23 Jul 2023 14:27:54 +0200
+Subject: [PATCH] Make DH_check set some error bits in recently added error
+
+The pre-existing error cases where DH_check returned zero
+are not related to the dh params in any way, but are only
+triggered by out-of-memory errors, therefore having *ret
+set to zero feels right, but since the new error case is
+triggered by too large p values that is something different.
+On the other hand some callers of this function might not
+be prepared to handle the return value correctly but only
+rely on *ret. Therefore we set some error bits in *ret as
+additional safety measure.
+
+Reviewed-by: Paul Dale
+Reviewed-by: Tomas Mraz
+(Merged from https://github.com/openssl/openssl/pull/21533)
+---
+ crypto/dh/dh_check.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
+index e5f9dd5030..2001d2e7cb 100644
+--- a/crypto/dh/dh_check.c
++++ b/crypto/dh/dh_check.c
+@@ -104,6 +104,7 @@ int DH_check(const DH *dh, int *ret)
+ /* Don't do any checks at all with an excessively large modulus */
+ if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
+ DHerr(DH_F_DH_CHECK, DH_R_MODULUS_TOO_LARGE);
++ *ret = DH_CHECK_P_NOT_PRIME;
+ return 0;
+ }
+
+-- 
+2.27.0
+
diff --git a/openssl.spec b/openssl.spec
index 4028637..5fc7f67 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -2,7 +2,7 @@
 Name: openssl
 Epoch: 1
 Version: 1.1.1m
-Release: 22
+Release: 23
 Summary: Cryptography and SSL/TLS Toolkit
 License: OpenSSL and SSLeay
 URL: https://www.openssl.org/
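Review bot: `*ret = DH_CHECK_P_NOT_PRIME;` is set for a modulus that is merely over-sized, not one shown to be composite, and the code carries no comment saying that the flag is deliberately approximate; the nested commit message explains this, but that text is not visible at the call site. Suggested comment above the assignment: `/* p is not known to be composite; the flag is set so callers that inspect *ret but ignore the return value still reject over-sized parameters */`. Callers that gate on `DH_check() == 1` are unaffected, while those that only test `*ret` now see a non-zero value for this case, which is an observable change to the early return presumably introduced by Patch64 (CVE-2023-3446) in the spec and worth a line in the changelog. The body of DH_check continues outside the hunk.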
@@ -75,6 +75,8 @@ Patch64: backport-CVE-2023-3446-Fix-DH_check-excessive-time-with-over-sized-
 Patch65: backport-Add-a-test-for-CVE-2023-3446.patch
 Patch66: backport-CVE-2023-3817.patch
 Patch67: backport-CVE-2023-3817-testcase.patch
+Patch68: backport-A-null-pointer-dereference-occurs-when-memory-alloca.patch
+Patch69: backport-Make-DH_check-set-some-error-bits-in-recently-added-.patch
 BuildRequires: gcc perl make lksctp-tools-devel coreutils util-linux zlib-devel
 Requires: coreutils %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
@@ -283,6 +285,9 @@ make test || :
 %ldconfig_scriptlets libs
 %changelog
+* Fri Sep 22 2023 dongyuzhen - 1:1.1.1m-23
+- Backport some upstream patches
+
 * Wed Aug 2 2023 liningjie - 1:1.1.1m-22
 - fix CVE-2023-3817
-- 
Gitee
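Review bot: `Patch68` and `Patch69` are declared, but the hunk does not show whether `%prep` applies them; if this spec applies patches with explicit `%patchN -p1` lines rather than `%autosetup`/`%autopatch`, both backports would be declared yet never applied and the resulting build would silently lack the two fixes. Check the `%prep` section (outside this hunk) and add `%patch68 -p1` and `%patch69 -p1` there if that is the pattern in use, or confirm an auto-apply macro covers them. Both nested patch files keep the upstream commit ids (a8da305f… and eec805ee…) and PR numbers in their headers, which is good for provenance; the changelog line `- Backport some upstream patches` would be more useful to downstream auditors if it named them, e.g. `- Backport fixes for ssl_session_dup NULL dereference (#21605) and DH_check *ret flags (#21533)`.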