Commit 4369a882a5 for openssl.org

commit 4369a882a565c42673b28c586a5c46a8bca98d17
Author: Dmitry Belyavskiy <beldmit@gmail.com>
Date:   Wed Jan 13 08:51:39 2021 +0100

    Skip BOM when reading the config file

    Fixes #13840

    Reviewed-by: Richard Levitte <levitte@openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/13857)

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index a7f5677a26..99063eaf68 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -194,6 +194,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
     BUF_MEM *buff = NULL;
     char *s, *p, *end;
     int again;
+    int first_call = 1;
     long eline = 0;
     char btmp[DECIMAL_SIZE(eline) + 1];
     CONF_VALUE *v = NULL, *tv;
@@ -243,6 +244,19 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
             goto err;
         p[CONFBUFSIZE - 1] = '\0';
         ii = i = strlen(p);
+        if (first_call) {
+            /* Other BOMs imply unsupported multibyte encoding,
+             * so don't strip them and let the error raise */
+            const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
+
+            if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
+                memmove(p, p + 3, i - 3);
+                p[i - 3] = 0;
+                i -= 3;
+                ii -= 3;
+            }
+            first_call = 0;
+        }
         if (i == 0 && !again) {
             /* the currently processed BIO is NULL or at EOF */
             BIO *parent;