generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
2cdafc51f008e65b2d5263a80ad0e89e9b56c8d3
openssl/crypto
History
Dr. Stephen Henson 2cdafc51f0 Fix leak with ASN.1 combine. 
When parsing a combined structure pass a flag to the decode routine
so on error a pointer to the parent structure is not zeroed as
this will leak any additional components in the parent.

This can leak memory in any application parsing PKCS#7 or CMS structures.

CVE-2015-3195.

Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
libFuzzer.

PR#4131

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-02 21:40:20 +01:00
..
aes
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
asn1
Fix leak with ASN.1 combine.
2015-12-02 21:40:20 +01:00
bf
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
bio
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
bn
Fix off-by-one error in BN_bn2hex
2015-06-04 09:33:01 +01:00
buffer
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
camellia
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
cast
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
cms
Fix infinite loop in CMS
2015-06-11 13:07:42 +01:00
comp
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
conf
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
des
Fixed bad formatting in crypto/des/spr.h
2015-02-05 09:46:24 -05:00
dh
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
dsa
Code style: space after 'if'
2015-04-16 13:54:47 -04:00
dso
Code style: space after 'if'
2015-04-16 13:54:47 -04:00
ec
EC_POINT_is_on_curve does not return a boolean
2015-06-10 10:59:20 +01:00
ecdh
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
ecdsa
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
engine
Fix for reformat problems with e_padlock.c
2015-01-22 14:17:04 +00:00
err
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
evp
Typo.
2015-10-11 00:39:27 +01:00
hmac
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
idea
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
jpake
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
krb5
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
lhash
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
md2
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
md4
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
md5
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
mdc2
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
objects
return correct NID for undefined object
2015-06-08 21:47:41 +01:00
ocsp
Make OCSP response verification more flexible.
2015-03-24 12:15:17 +00:00
pem
check for error when creating PKCS#8 structure
2015-05-28 18:03:04 +01:00
perlasm
perlasm/cbc.pl: fix tail processing bug [from HEAD].
2011-07-13 06:25:15 +00:00
pkcs7
PKCS#7: Fix NULL dereference with missing EncryptedContent.
2015-06-11 13:07:49 +01:00
pkcs12
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
pqueue
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
rand
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
rc2
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
rc4
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
rc5
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
ripemd
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
rsa
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
seed
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
sha
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
stack
make update
2015-03-19 13:47:27 +00:00
store
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
threads
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
txt_db
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
ui
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x509
Fix length checks in X509_cmp_time to avoid out-of-bounds reads.
2015-06-11 13:07:49 +01:00
x509v3
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
.cvsignore
FIPS merge "crypto" functions.
2008-09-16 15:11:50 +00:00
constant_time_locl.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
constant_time_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
cpt_err.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
cryptlib.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
cryptlib.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
crypto-lib.com
Have an underscore before <ARCH> to make sure any future architecture
2010-03-25 14:45:22 +00:00
crypto.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
cversion.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
dyn_lck.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
ebcdic.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
ebcdic.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
ex_data.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
fips_err.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
fips_err.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
ia64cpuid.S
Cpuid modules updates.
2005-05-03 21:05:06 +00:00
install.com
Remove tmdiff.h from EXHEADERS as it doesn't exist.
2009-08-25 07:28:18 +00:00
LPdir_nyi.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
LPdir_unix.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
LPdir_vms.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
LPdir_win32.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
LPdir_win.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
LPdir_wince.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
Makefile
Add constant_time_locl.h to HEADERS,
2014-10-17 14:04:08 +02:00
md32_common.h
Fix warnings.
2015-03-08 17:23:40 +00:00
mem_clr.c
Make sure OPENSSL_cleanse checks for NULL
2015-09-17 22:37:21 +01:00
mem_dbg.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
mem.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
o_dir_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
o_dir.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
o_dir.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
o_init.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
o_str.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
o_str.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
o_time.c
Re-align some comments after running the reformat script.
2015-01-22 09:53:07 +00:00
o_time.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
opensslconf.h.in
Implement Configure option pattern "experimental-foo"
2008-12-02 01:21:06 +00:00
opensslv.h
Prepare for 0.9.8zh-dev
2015-06-11 15:23:16 +01:00
ossl_typ.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
sparccpuid.S
Cpuid modules updates.
2005-05-03 21:05:06 +00:00
symhacks.h
VMS build fix
2015-03-19 13:00:45 +00:00
tmdiff.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
tmdiff.h
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
uid.c
Run util/openssl-format-source -v -c .
2015-01-22 09:52:55 +00:00
x86_64cpuid.pl
x86_64cpuid.pl update [from HEAD].
2007-11-11 16:25:00 +00:00
x86cpuid.pl
x86cpuid.pl: make it work with older CPU.
2013-03-18 20:03:44 +01:00