openssl/x509 at OpenSSL_1_0_2-stable - openssl - Atria-soft GIT

generic-library/openssl

History

Matt Caswell 9f2ccf1d71 Prevent EBCDIC overread for very long strings

ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.

Issue reported by Guido Vranken.

CVE-2016-2176

Reviewed-by: Andy Polyakov <appro@openssl.org>

2016-05-03 10:25:05 +01:00

..

by_dir.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

by_file.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

Makefile

Add test for CVE-2015-1793

2015-07-07 21:48:55 +01:00

verify_extra_test.c

Add test for CVE-2015-1793

2015-07-07 21:48:55 +01:00

vpm_int.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_att.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_cmp.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_d2.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_def.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_err.c

Add checks to X509_NAME_oneline()

2016-04-29 19:50:49 +01:00

x509_ext.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_lu.c

Remove useless code

2015-10-23 20:32:59 +02:00

x509_obj.c

Prevent EBCDIC overread for very long strings

2016-05-03 10:25:05 +01:00

x509_r2x.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

x509_req.c

Check public key is not NULL.

2015-03-02 15:26:41 +00:00

x509_set.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_trs.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_txt.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_v3.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509_vfy.c

Fix missing ok=0 with locally blacklisted CAs

2016-02-05 10:54:11 -05:00

x509_vfy.h

Fix X509_STORE_CTX_cleanup()

2016-01-02 11:14:05 -05:00

x509_vpm.c

Empty SNI names are not valid

2016-01-17 16:58:48 -05:00

x509.h

Add checks to X509_NAME_oneline()

2016-04-29 19:50:49 +01:00

x509cset.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509name.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

x509rset.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509spki.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x509type.c

Correctly check for export size limit

2015-05-20 22:19:34 +02:00

x_all.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00