generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
Matt Caswell 3fde6c9276 Avoid undefined behaviour in PACKET_buf_init 
Change the sanity check in PACKET_buf_init to check for excessive length
buffers, which should catch the interesting cases where len has been cast
from a negative value whilst avoiding any undefined behaviour.

RT#4094

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-21 16:13:53 +01:00
..
record
Address more Windows warnings illuminated by mingw.
2015-10-06 09:44:27 +02:00
bio_ssl.c
Handle SSL_ERROR_WANT_X509_LOOKUP
2015-09-20 14:19:49 +01:00
d1_both.c
Remove remaining old listen code
2015-09-23 13:53:26 +01:00
d1_clnt.c
Fix DTLS session ticket renewal
2015-08-26 10:17:49 +01:00
d1_lib.c
DTLS: remove unused cookie field
2015-10-09 15:32:35 +02:00
d1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
d1_msg.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
d1_srtp.c
PACKETise ServerHello processing
2015-09-07 10:45:38 +01:00
d1_srvr.c
Sanity check cookie_len
2015-09-23 13:53:27 +01:00
install-ssl.com
Updates following review comments
2015-05-16 09:20:52 +01:00
Makefile
make depend
2015-10-05 11:08:18 +02:00
packet_locl.h
Avoid undefined behaviour in PACKET_buf_init
2015-10-21 16:13:53 +01:00
s3_both.c
Remove Gost94 signature algorithm.
2015-08-11 18:23:29 -04:00
s3_cbc.c
Identify and move OpenSSL internal header files
2015-05-14 15:13:49 +02:00
s3_clnt.c
PACKET: simplify ServerKeyExchange parsing
2015-10-08 16:44:39 +02:00
s3_enc.c
Avoid duplication.
2015-06-23 22:24:09 +01:00
s3_lib.c
Make no-psk compile without warnings.
2015-10-11 13:38:01 +01:00
s3_msg.c
Introduce the functions RECORD_LAYER_release, RECORD_LAYER_read_pending, and
2015-03-26 15:01:59 +00:00
s3_srvr.c
Appease gcc's Wmaybe-uninitialized
2015-10-15 16:19:00 +02:00
ssl_algs.c
CCM support.
2015-08-14 06:56:11 +01:00
ssl_asn1.c
Enable -Wmissing-variable-declarations and
2015-09-11 04:51:55 +01:00
ssl_cert.c
Make no-psk compile without warnings.
2015-10-11 13:38:01 +01:00
ssl_ciph.c
Change the DEFAULT ciphersuites to exclude DES, RC4 and RC2
2015-09-30 19:15:06 +01:00
ssl_conf.c
Remove BIO_s_file_internal macro.
2015-10-02 14:22:05 -04:00
ssl_err2.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl_err.c
PACKET: simplify ServerKeyExchange parsing
2015-10-08 16:44:39 +02:00
ssl_lib.c
Fix no-stdio build
2015-09-29 21:59:19 -04:00
ssl_locl.h
DTLS: remove unused cookie field
2015-10-09 15:32:35 +02:00
ssl_rsa.c
Remove BIO_s_file_internal macro.
2015-10-02 14:22:05 -04:00
ssl_sess.c
DTLS: remove unused cookie field
2015-10-09 15:32:35 +02:00
ssl_stat.c
Version negotiation rewrite cleanup
2015-05-16 09:20:38 +01:00
ssl_txt.c
Remove BIO_s_file_internal macro.
2015-10-02 14:22:05 -04:00
ssl_utst.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
ssl-lib.com
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_clnt.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_enc.c
ccm8 support
2015-08-14 06:56:11 +01:00
t1_ext.c
Remove support for OPENSSL_NO_TLSEXT
2015-05-22 23:10:51 +01:00
t1_lib.c
Don't advance PACKET in ssl_check_for_safari
2015-10-07 16:17:52 +01:00
t1_meth.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_reneg.c
PACKETise ServerHello processing
2015-09-07 10:45:38 +01:00
t1_srvr.c
Move SSLv3_*method() functions
2015-05-16 09:20:58 +01:00
t1_trce.c
Add full PSK trace support
2015-07-30 14:43:35 +01:00
tls_srp.c
Use single master secret generation function.
2015-06-29 11:47:59 +01:00