generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/crypto
History
Matt Caswell 3475c7a185 Fix unintended sign extension 
The function CRYPTO_128_unwrap_pad uses an 8 byte AIV (Alternative Initial
Value). The least significant 4 bytes of this is placed into the local
variable |ptext_len|. This is done as follows:

    ptext_len = (aiv[4] << 24) | (aiv[5] << 16) | (aiv[6] << 8) | aiv[7];

aiv[4] is an unsigned char, but (aiv[4] << 24) is promoted to a *signed*
int - therefore we could end up shifting into the sign bit and end up with
a negative value. |ptext_len| is a size_t (typically 64-bits). If the
result of the shifts is negative then the upper bits of |ptext_len| will
all be 1.

This commit fixes the issue by explicitly casting to an unsigned int.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-17 13:39:53 +00:00
..
aes
Fix undefined behaviour in shifts.
2015-03-13 21:10:13 -07:00
asn1
Make X509_ATTRIBUTE opaque.
2015-03-16 15:54:19 +00:00
bf
clang on Linux x86_64 complains about unreachable code.
2015-01-29 01:54:09 +01:00
bio
BIO_debug_callback: Fix output on 64-bit machines
2015-03-10 12:32:39 +01:00
bn
Fix error handling in bn_exp
2015-03-12 09:18:22 +00:00
buffer
size_t for buffer functions.
2015-02-13 13:50:36 +00:00
camellia
Fix crash in SPARC T4 XTS.
2015-02-24 10:11:36 +01:00
cast
Dead code cleanup: #if 0 dropped from tests
2015-02-02 11:11:34 -05:00
cmac
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
cms
Unchecked malloc fixes
2015-03-05 09:09:57 +00:00
comp
Dead code removal: #if 0 bio, comp, rand
2015-01-29 21:38:57 -05:00
conf
RT3670: Check return from BUF_MEM_grow_clean
2015-02-12 13:00:42 -05:00
des
des/asm/des_enc.m4: fix brown-bag typo in last commit.
2015-02-09 08:58:43 +01:00
dh
Fix dh_pub_encode
2015-03-12 09:22:56 +00:00
dsa
Fix dsa_pub_encode
2015-03-12 09:23:42 +00:00
dso
Unchecked malloc fixes
2015-03-05 09:09:57 +00:00
ec
Avoid reading an unused byte after the buffer
2015-03-14 18:23:41 +01:00
ecdh
Update ordinals, fix error message.
2015-03-15 15:56:24 +00:00
ecdsa
Update ordinals, fix error message.
2015-03-15 15:56:24 +00:00
engine
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
2015-03-11 09:29:37 -04:00
err
Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
2015-03-11 09:29:37 -04:00
evp
Fix EVP_DigestInit_ex with NULL digest
2015-03-12 09:19:24 +00:00
hmac
HMAC_cleanup, and HMAC_Init are stated as deprecated in the docs and source.
2015-02-10 14:32:56 +00:00
idea
clang on Linux x86_64 complains about unreachable code.
2015-01-29 01:54:09 +01:00
include/internal
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
jpake
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
krb5
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
lhash
Add missing declaration for lh_node_usage_stats
2015-01-28 12:27:23 -05:00
md2
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
md4
clang on Linux x86_64 complains about unreachable code.
2015-01-29 01:54:09 +01:00
md5
clang on Linux x86_64 complains about unreachable code.
2015-01-29 01:54:09 +01:00
mdc2
ui_compat cleanup; makefiles and vms
2015-02-06 16:49:17 -05:00
modes
Fix unintended sign extension
2015-03-17 13:39:53 +00:00
objects
Unchecked malloc fixes
2015-03-05 09:09:57 +00:00
ocsp
Remove obsolete declarations.
2015-03-12 14:12:17 +00:00
pem
ui_compat cleanup; makefiles and vms
2015-02-06 16:49:17 -05:00
perlasm
Fix crash in SPARC T4 XTS.
2015-02-24 10:11:36 +01:00
pkcs7
Make X509_ATTRIBUTE opaque.
2015-03-16 15:54:19 +00:00
pkcs12
Make X509_ATTRIBUTE opaque.
2015-03-16 15:54:19 +00:00
pqueue
Dead code removal: #if 0 conf, dso, pqueue, threads
2015-01-30 12:46:49 -05:00
rand
Unchecked malloc fixes
2015-03-05 09:09:57 +00:00
rc2
clang on Linux x86_64 complains about unreachable code.
2015-01-29 01:54:09 +01:00
rc4
clang on Linux x86_64 complains about unreachable code.
2015-01-29 01:54:09 +01:00
rc5
ifdef cleanup, part 4a: '#ifdef undef'
2015-01-24 10:58:38 -05:00
ripemd
Dead code: crypto/dh,modes,pkcs12,ripemd,rsa,srp
2015-02-03 11:20:56 -05:00
rsa
Fix RSA_X931_derive_ex
2015-03-12 09:26:14 +00:00
seed
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
sha
ARMv4 assembly pack: add Cortex-A15 performance data.
2015-03-08 14:09:32 +01:00
srp
Dead code: crypto/dh,modes,pkcs12,ripemd,rsa,srp
2015-02-03 11:20:56 -05:00
stack
Fix memset call in stack.c
2015-03-17 13:39:53 +00:00
store
util/mkstack.pl now generates entire safestack.h
2015-02-06 10:47:53 -05:00
threads
Unchecked malloc fixes
2015-03-05 09:09:57 +00:00
ts
Remove obsolete declarations.
2015-03-12 14:12:17 +00:00
txt_db
OPENSSL_NO_xxx cleanup: many removals
2015-01-27 10:06:22 -05:00
ui
Assume TERMIOS is default, remove TERMIO on all Linux.
2015-02-21 23:51:05 +01:00
whrlpool
Re-align some comments after running the reformat script.
2015-01-22 09:20:10 +00:00
x509
Make X509_ATTRIBUTE opaque.
2015-03-16 15:54:19 +00:00
x509v3
Remove obsolete declarations.
2015-03-12 14:12:17 +00:00
alphacpuid.pl
alphacpuid.pl: fix alignment bug.
2011-08-12 12:28:52 +00:00
arm64cpuid.pl
Add assembly support to ios64-cross.
2015-01-23 15:38:41 +01:00
arm_arch.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
armcap.c
Add assembly support to ios64-cross.
2015-01-23 15:38:41 +01:00
armv4cpuid.S
Remove inconsistency in ARM support.
2015-01-04 23:45:08 +01:00
c64xpluscpuid.pl
C64x+ assembly pack: make it work with older toolchain.
2014-05-04 16:38:32 +02:00
constant_time_locl.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
constant_time_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
cpt_err.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
cryptlib.c
OPENSSL_NO_XXX cleanup: OPENSSL_NO_BUF_FREELISTS
2015-01-27 16:43:53 -05:00
cryptlib.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
crypto-lib.com
Catch up the VMS build.
2015-03-05 18:20:06 +01:00
crypto.h
"#if 0" removal: header files
2015-01-27 17:44:12 -05:00
cversion.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ebcdic.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ebcdic.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ex_data.c
Fix memory leak reporting.
2015-02-09 12:53:36 +00:00
fips_err.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
fips_ers.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ia64cpuid.S
IA-64 assembler pack: fix typos and make it work on HP-UX.
2011-05-07 20:36:05 +00:00
install-crypto.com
ui_compat cleanup; makefiles and vms
2015-02-06 16:49:17 -05:00
lock.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_nyi.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_unix.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_vms.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_win32.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_win.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_wince.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
Makefile
Add assembly support to ios64-cross.
2015-01-23 15:38:41 +01:00
md32_common.h
Keep disclaiming 16-bit support.
2015-01-23 19:09:01 +01:00
mem_clr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
mem_dbg.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
mem.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
o_dir_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
o_dir.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
o_dir.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
o_fips.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
o_init.c
Dead code cleanup: crypto/*.c, x509v3, demos
2015-02-02 11:08:16 -05:00
o_str.c
ifdef cleanup part 3: OPENSSL_SYSNAME
2015-01-23 11:58:26 -05:00
o_str.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
o_time.c
Re-align some comments after running the reformat script.
2015-01-22 09:20:10 +00:00
opensslconf.h.in
RT3548: Remove unsupported platforms
2014-12-28 01:17:52 -05:00
opensslv.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ossl_typ.h
Remove obsolete declarations.
2015-03-12 14:12:17 +00:00
pariscid.pl
PA-RISC assembler pack: switch to bve in 64-bit builds.
2013-06-18 10:37:00 +02:00
ppc_arch.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ppccap.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ppccpuid.pl
aesp8-ppc.pl: fix typos.
2014-06-04 08:34:18 +02:00
s390xcap.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
s390xcpuid.S
Multiple assembler packs: add experimental memory bus instrumentation.
2011-04-17 12:46:00 +00:00
sparc_arch.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
sparccpuid.S
sparccpuid.S: work around emulator bug on T1.
2013-02-11 10:39:50 +01:00
sparcv9cap.c
Dead code cleanup: crypto/*.c, x509v3, demos
2015-02-02 11:08:16 -05:00
symhacks.h
Remove ui_compat
2015-02-06 14:52:40 -05:00
thr_id.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
uid.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
vms_rms.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
x86_64cpuid.pl
x86[_64]cpuid.pl: add low-level RDSEED.
2014-02-14 17:24:12 +01:00
x86cpuid.pl
Undo a90081576c94f9f54de1755188a00ccc1760549a
2014-08-09 08:02:20 -04:00