Matt Caswell b11980d79a Check for 0 modulus in BN_MONT_CTX_set ...

The function BN_MONT_CTX_set was assuming that the modulus was non-zero
and therefore that |mod->top| > 0. In an error situation that may not be
the case and could cause a seg fault.

This is a follow on from CVE-2015-1794.

Reviewed-by: Richard Levitte <levitte@openssl.org>

2015-08-11 20:23:00 +01:00

..

aes

Conversion to UTF-8 where needed

2015-07-14 01:18:57 +02:00

asn1

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

bf

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

bio

Remove one extraneous parenthesis

2015-06-16 13:14:09 +02:00

bn

Check for 0 modulus in BN_MONT_CTX_set

2015-08-11 20:23:00 +01:00

buffer

Replace memset with OPENSSL_cleanse()

2015-06-10 10:29:31 +01:00

camellia

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

cast

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

cmac

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

cms

Fix infinite loop in CMS

2015-06-11 15:02:21 +01:00

comp

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

conf

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

des

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

dh

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

dsa

RT3774: double-free in DSA

2015-07-29 21:21:47 -04:00

dso

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

ec

Fix warning when compiling with no-ec2m

2015-08-04 10:52:09 +01:00

ecdh

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

ecdsa

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

engine

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

err

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

evp

Relax CCM tag check.

2015-07-06 18:36:10 +01:00

hmac

Fix ABI break with HMAC

2015-06-12 14:43:23 +01:00

idea

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

jpake

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

krb5

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

lhash

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

md2

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

md4

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

md5

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

mdc2

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

modes

Conversion to UTF-8 where needed

2015-07-14 01:18:57 +02:00

objects

return correct NID for undefined object

2015-06-08 21:47:05 +01:00

ocsp

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

pem

check for error when creating PKCS#8 structure

2015-05-28 18:02:19 +01:00

perlasm

Reduce version skew.

2012-06-08 09:18:47 +00:00

pkcs7

PKCS#7: Fix NULL dereference with missing EncryptedContent.

2015-06-11 15:02:21 +01:00

pkcs12

Don't output bogus errors in PKCS12_parse

2015-06-25 04:55:56 +01:00

pqueue

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

rand

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

rc2

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

rc4

Conversion to UTF-8 where needed

2015-07-14 01:18:57 +02:00

rc5

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

ripemd

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

rsa

use X9.31 keygen by default in FIPS mode

2015-07-30 14:35:42 +01:00

seed

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

sha

Conversion to UTF-8 where needed

2015-07-14 01:18:57 +02:00

srp

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

stack

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

store

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

threads

Cleanup mttest.c : because we no longer use stdio here, don't include it

2015-06-21 22:13:28 +02:00

ts

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

txt_db

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

ui

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

whrlpool

Conversion to UTF-8 where needed

2015-07-14 01:18:57 +02:00

x509

Fix alt chains bug

2015-07-07 22:57:36 +01:00

x509v3

Conversion to UTF-8 where needed

2015-07-14 01:18:57 +02:00

.cvsignore

Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev

2008-04-17 10:19:16 +00:00

alphacpuid.pl

Alpha assembler fixed from HEAD.

2011-08-12 12:31:08 +00:00

arm_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

armcap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

armv4cpuid.S

ARM assembler pack update from HEAD.

2011-11-14 20:58:01 +00:00

constant_time_locl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

constant_time_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cpt_err.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cryptlib.c

RT3820: Don't call GetDesktopWindow()

2015-05-02 08:02:06 -04:00

cryptlib.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

crypto-lib.com

Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces

2014-10-15 10:49:24 +02:00

crypto.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cversion.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ebcdic.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ebcdic.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ex_data.c

Fix memory leak reporting.

2015-02-09 13:01:28 +00:00

fips_err.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

fips_ers.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ia64cpuid.S

IA64 assembler pack update from HEAD.

2011-11-14 20:45:57 +00:00

install-crypto.com

Adjust VMS build to Unix build. Most of all, make it so the disabled

2014-10-15 10:49:08 +02:00

LPdir_nyi.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_unix.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_vms.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_win32.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_win.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_wince.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

Makefile

Fix the update target and remove duplicate file updates

2015-05-23 11:22:10 +02:00

md32_common.h

md32_common.h: backport ICC fix.

2015-05-26 09:58:12 +02:00

mem_clr.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

mem_dbg.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

mem.c

Fix CRYPTO_strdup

2015-04-22 17:24:47 +01:00

o_dir_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_dir.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_dir.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_fips.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_init.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_str.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_str.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_time.c

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

o_time.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

opensslconf.h.in

Make preprocessor error into real preprocessor error

2015-06-16 13:14:09 +02:00

opensslv.h

Prepare for 1.0.1q-dev

2015-07-09 13:29:59 +01:00

ossl_typ.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

pariscid.pl

PA-RISC assembler pack: switch to bve in 64-bit builds.

2013-06-30 23:15:53 +02:00

ppccap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ppccpuid.pl

ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance

2012-04-27 20:20:15 +00:00

s390xcap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

s390xcpuid.S

s390x assembler pack update from HEAD.

2011-11-14 20:47:22 +00:00

sparccpuid.S

Conversion to UTF-8 where needed

2015-07-14 01:18:57 +02:00

sparcv9cap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

symhacks.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

uid.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

vms_rms.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

x86_64cpuid.pl

x86_64 assembly pack: make Windows build more robust [from master].

2013-01-22 22:54:04 +01:00

x86cpuid.pl

x86cpuid.pl: make it work with older CPUs.

2013-03-18 19:50:23 +01:00