openssl

History

Matt Caswell 1a9499cf23 Reject negative shifts for BN_rshift and BN_lshift

The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.

Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 7cc18d8158b5fc2676393d99b51c30c135502107)

Conflicts:
	crypto/bn/bn.h
	crypto/bn/bn_err.c

2015-05-22 23:19:34 +01:00

aes

aes/asm/aesni-sha256-x86_64.pl: fix Windows compilation failure with old assembler.

2015-05-13 17:00:06 +02:00

asn1

Fix encoding bug in i2c_ASN1_INTEGER

2015-04-18 14:43:33 +01:00

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

bio

Clarify logic in BIO_*printf functions

2015-04-30 23:21:53 +01:00

Reject negative shifts for BN_rshift and BN_lshift

2015-05-22 23:19:34 +01:00

buffer

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

camellia

Fix crash in SPARC T4 XTS.

2015-02-24 10:12:57 +01:00

cast

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

cmac

Add NULL checks from master

2015-05-13 12:55:03 -04:00

cms

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

comp

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

conf

RT3670: Check return from BUF_MEM_grow_clean

2015-02-12 13:01:33 -05:00

des

Sanity check DES_enc_write buffer length

2015-04-30 23:14:55 +01:00

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

dsa

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

dso

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

Add sanity check to print_bin function

2015-04-30 23:21:53 +01:00

ecdh

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ecdsa

Fix RAND_(pseudo_)?_bytes returns

2015-03-25 12:41:28 +00:00

engine

Remove unused eng_rsax and related asm file

2015-01-26 10:46:26 -05:00

err

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

evp

Correctly check for export size limit

2015-05-20 22:19:34 +02:00

hmac

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

idea

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

jpake

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

krb5

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

lhash

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

md2

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

md4

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

md5

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

mdc2

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

modes

Appease clang -Wshadow

2015-04-08 17:59:41 +02:00

objects

Call of memcmp with null pointers in obj_cmp()

2015-05-13 15:28:48 +01:00

ocsp

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

pem

Fix formatting error in pem.h

2015-01-22 14:11:04 +00:00

perlasm

Fix crash in SPARC T4 XTS.

2015-02-24 10:12:57 +01:00

pkcs7

PKCS#7: avoid NULL pointer dereferences with missing content

2015-03-19 12:58:35 +00:00

pkcs12

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

pqueue

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

rand

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

rc2

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

rc4

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

rc5

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ripemd

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

rsa

Fix buffer overrun in RSA signing

2015-04-30 23:21:53 +01:00

seed

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

sha

sha/asm/sha*-armv8.pl: add Denver and X-Gene esults.

2015-04-02 09:51:32 +02:00

srp

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

stack

Fix memset call in stack.c

2015-03-17 13:48:04 +00:00

store

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

threads

Code style: space after 'if'

2015-04-16 13:50:01 -04:00

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

txt_db

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

Assume TERMIOS is default, remove TERMIO on all Linux.

2015-02-22 08:10:29 +01:00

whrlpool

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

x509

Correctly check for export size limit

2015-05-20 22:19:34 +02:00

x509v3

Add missing NULL check in X509V3_parse_list()

2015-05-11 12:19:54 +01:00

.cvsignore

Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev

2008-04-17 10:19:16 +00:00

alphacpuid.pl

Alpha assembler fixed from HEAD.

2011-08-12 12:31:08 +00:00

arm64cpuid.S

Add linux-aarch64 taget.

2014-06-10 23:20:55 +02:00

arm_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

armcap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

armv4cpuid.S

Remove inconsistency in ARM support.

2015-01-06 11:14:23 +01:00

constant_time_locl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

constant_time_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

cpt_err.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

cryptlib.c

RT3820: Don't call GetDesktopWindow()

2015-05-02 08:01:52 -04:00

cryptlib.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

crypto-lib.com

Adjust VMS build to Unix build. Most of all, make it so the disabled

2014-06-18 13:43:09 +02:00

crypto.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

cversion.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ebcdic.c

Appease clang -Wempty-translation-unit

2015-04-08 17:59:40 +02:00

ebcdic.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ex_data.c

Fix memory leak reporting.

2015-02-09 13:01:15 +00:00

fips_err.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

fips_ers.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ia64cpuid.S

IA64 assembler pack update from HEAD.

2011-11-14 20:45:57 +00:00

install-crypto.com

Adjust VMS build to Unix build. Most of all, make it so the disabled

2014-06-18 13:43:09 +02:00

LPdir_nyi.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

LPdir_unix.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

LPdir_vms.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

LPdir_win32.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

LPdir_win.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

LPdir_wince.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

Makefile

Make output from openssl version -f consistent with previous versions

2015-01-13 11:28:54 +00:00

md32_common.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

mem_clr.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

mem_dbg.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

mem.c

Fix CRYPTO_strdup

2015-04-22 17:20:38 +01:00

o_dir_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

o_dir.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

o_dir.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

o_fips.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

o_init.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

o_str.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

o_str.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

o_time.c

Re-align some comments after running the reformat script.

2015-01-22 09:31:48 +00:00

o_time.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

opensslconf.h.in

Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and

2005-12-16 10:37:24 +00:00

opensslv.h

Prepare for 1.0.2b-dev

2015-03-19 13:34:56 +00:00

ossl_typ.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

pariscid.pl

PA-RISC assembler pack: switch to bve in 64-bit builds.

2013-06-30 23:13:23 +02:00

ppc_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ppccap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

ppccpuid.pl

Initial POWER8 support from development branch.

2014-07-20 14:36:49 +02:00

s390xcap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

s390xcpuid.S

s390x assembler pack update from HEAD.

2011-11-14 20:47:22 +00:00

sparc_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

sparccpuid.S

sparcv9cap.c: update from master.

2013-05-20 00:16:18 +02:00

sparcv9cap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

symhacks.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

uid.c

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

vms_rms.h

Run util/openssl-format-source -v -c .

2015-01-22 09:31:38 +00:00

x86_64cpuid.pl

x86[_64]cpuid.pl: add low-level RDSEED.

2014-02-14 17:25:14 +01:00

x86cpuid.pl

x86[_64]cpuid.pl: add low-level RDSEED.

2014-02-14 17:25:14 +01:00