generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/crypto/asn1
History
Dr. Stephen Henson 2cdafc51f0 Fix leak with ASN.1 combine. 
When parsing a combined structure pass a flag to the decode routine
so on error a pointer to the parent structure is not zeroed as
this will leak any additional components in the parent.

This can leak memory in any application parsing PKCS#7 or CMS structures.

CVE-2015-3195.

Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
libFuzzer.

PR#4131

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-02 21:40:20 +01:00
..
.cvsignore
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
a_bitstr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_bool.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_bytes.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_d2i_fp.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_digest.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_dup.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_enum.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_gentm.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_hdr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_i2d_fp.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_int.c
Fix encoding bug in i2c_ASN1_INTEGER
2015-04-18 14:45:38 +01:00
a_mbstr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_object.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_octet.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_print.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_set.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_sign.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_strex.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_strnid.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_time.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_type.c
Fix ASN1_TYPE_cmp
2015-03-19 13:00:44 +00:00
a_utctm.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_utf8.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
a_verify.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn1_err.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn1_gen.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn1_lib.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn1_mac.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn1_par.c
Fix uninitialised p error.
2015-11-24 16:56:02 +00:00
asn1.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn1t.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn_mime.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn_moid.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn_pack.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
charmap.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
charmap.pl
New ASN1_STRING_print_ex() and X509_NAME_print_ex()
2000-07-28 01:58:15 +00:00
d2i_pr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
d2i_pu.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
evp_asn1.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
f_enum.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
f_int.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
f_string.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
i2d_pr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
i2d_pu.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
Makefile
Make update: delete duplicate error code.
2008-09-17 17:11:09 +00:00
n_pkey.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
nsseq.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
p5_pbe.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
p5_pbev2.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
p8_key.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
p8_pkey.c
Check PKCS#8 pkey field is valid before cleansing.
2015-02-03 14:02:51 +00:00
t_bitst.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
t_crl.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
t_pkey.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
t_req.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
t_spki.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
t_x509.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
t_x509a.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
tasn_dec.c
Fix leak with ASN.1 combine.
2015-12-02 21:40:20 +01:00
tasn_enc.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
tasn_fre.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
tasn_new.c
Don't set *pval to NULL in ASN1_item_ex_new.
2015-04-10 19:54:13 +01:00
tasn_prn.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
tasn_typ.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
tasn_utl.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_algor.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_attrib.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_bignum.c
Fix format script.
2015-03-02 13:50:01 +00:00
x_crl.c
Rerun util/openssl-format-source -v -c .
2015-01-22 09:53:02 +00:00
x_exten.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_info.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_long.c
Fix format script.
2015-03-02 13:50:01 +00:00
x_name.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_pkey.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_pubkey.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_req.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_sig.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_spki.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_val.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x_x509.c
Code style: space after 'if'
2015-04-16 13:54:47 -04:00
x_x509a.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00