generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/crypto
History
Emilia Kasper 370ac32030 Fix length checks in X509_cmp_time to avoid out-of-bounds reads. 
Also tighten X509_cmp_time to reject more than three fractional
seconds in the time; and to reject trailing garbage after the offset.

CVE-2015-1789

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-06-11 15:02:21 +01:00
..
aes
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
asn1
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
bf
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
bio
Fix memory leaks in BIO_dup_chain()
2015-06-10 10:29:31 +01:00
bn
Fix off-by-one error in BN_bn2hex
2015-06-04 09:29:13 +01:00
buffer
Replace memset with OPENSSL_cleanse()
2015-06-10 10:29:31 +01:00
camellia
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
cast
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
cmac
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
cms
Fix infinite loop in CMS
2015-06-11 15:02:21 +01:00
comp
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
conf
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
des
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
dh
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
dsa
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
dso
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
ec
EC_POINT_is_on_curve does not return a boolean
2015-06-10 10:51:17 +01:00
ecdh
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
ecdsa
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
engine
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
err
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
evp
Use CRYPTO_memcmp when comparing authenticators
2015-06-08 15:01:47 +02:00
hmac
Fix leak in HMAC error path
2015-06-10 11:08:51 +01:00
idea
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
jpake
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
krb5
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
lhash
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
md2
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
md4
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
md5
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
mdc2
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
modes
Use CRYPTO_memcmp when comparing authenticators
2015-06-08 15:01:47 +02:00
objects
return correct NID for undefined object
2015-06-08 21:47:05 +01:00
ocsp
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
pem
check for error when creating PKCS#8 structure
2015-05-28 18:02:19 +01:00
perlasm
Reduce version skew.
2012-06-08 09:18:47 +00:00
pkcs7
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
pkcs12
Use CRYPTO_memcmp when comparing authenticators
2015-06-08 15:01:47 +02:00
pqueue
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
rand
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
rc2
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
rc4
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
rc5
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
ripemd
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
rsa
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
seed
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
sha
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
srp
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
stack
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
store
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
threads
Code style: space after 'if'
2015-04-16 13:51:51 -04:00
ts
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
txt_db
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
ui
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
whrlpool
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
x509
Fix length checks in X509_cmp_time to avoid out-of-bounds reads.
2015-06-11 15:02:21 +01:00
x509v3
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
.cvsignore
Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
2008-04-17 10:19:16 +00:00
alphacpuid.pl
Alpha assembler fixed from HEAD.
2011-08-12 12:31:08 +00:00
arm_arch.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
armcap.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
armv4cpuid.S
ARM assembler pack update from HEAD.
2011-11-14 20:58:01 +00:00
constant_time_locl.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
constant_time_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
cpt_err.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
cryptlib.c
RT3820: Don't call GetDesktopWindow()
2015-05-02 08:02:06 -04:00
cryptlib.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
crypto-lib.com
Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces
2014-10-15 10:49:24 +02:00
crypto.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
cversion.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ebcdic.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ebcdic.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ex_data.c
Fix memory leak reporting.
2015-02-09 13:01:28 +00:00
fips_err.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
fips_ers.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ia64cpuid.S
IA64 assembler pack update from HEAD.
2011-11-14 20:45:57 +00:00
install-crypto.com
Adjust VMS build to Unix build. Most of all, make it so the disabled
2014-10-15 10:49:08 +02:00
LPdir_nyi.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
LPdir_unix.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
LPdir_vms.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
LPdir_win32.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
LPdir_win.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
LPdir_wince.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
Makefile
Fix the update target and remove duplicate file updates
2015-05-23 11:22:10 +02:00
md32_common.h
md32_common.h: backport ICC fix.
2015-05-26 09:58:12 +02:00
mem_clr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
mem_dbg.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
mem.c
Fix CRYPTO_strdup
2015-04-22 17:24:47 +01:00
o_dir_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
o_dir.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
o_dir.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
o_fips.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
o_init.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
o_str.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
o_str.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
o_time.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
o_time.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
opensslconf.h.in
Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and
2005-12-16 10:37:24 +00:00
opensslv.h
Prepare for 1.0.1n-dev
2015-03-19 13:41:07 +00:00
ossl_typ.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
pariscid.pl
PA-RISC assembler pack: switch to bve in 64-bit builds.
2013-06-30 23:15:53 +02:00
ppccap.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ppccpuid.pl
ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance
2012-04-27 20:20:15 +00:00
s390xcap.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s390xcpuid.S
s390x assembler pack update from HEAD.
2011-11-14 20:47:22 +00:00
sparccpuid.S
sparccpuid.S: work around emulator bug on T1.
2013-02-11 10:41:57 +01:00
sparcv9cap.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
symhacks.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
uid.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
vms_rms.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
x86_64cpuid.pl
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 22:54:04 +01:00
x86cpuid.pl
x86cpuid.pl: make it work with older CPUs.
2013-03-18 19:50:23 +01:00