generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/ssl
History
David Benjamin 7a433893ad Fix memory leak on invalid CertificateRequest. 
Free up parsed X509_NAME structure if the CertificateRequest message
contains excess data.

The security impact is considered insignificant. This is a client side
only leak and a large number of connections to malicious servers would
be needed to have a significant impact.

This was found by libFuzzer.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
(cherry picked from commit ec66c8c98881186abbb4a7ddd6617970f1ee27a7)
2016-04-07 19:27:45 +01:00
..
bio_ssl.c
Handle SSL_ERROR_WANT_X509_LOOKUP
2015-09-20 14:22:52 +01:00
clienthellotest.c
Add test for SSL_set_session_ticket_ext
2015-07-27 16:14:02 +01:00
d1_both.c
Add a check for a failed malloc
2016-03-18 11:59:11 +00:00
d1_clnt.c
Only call ssl3_init_finished_mac once for DTLS
2015-11-10 18:47:57 +00:00
d1_enc.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_lib.c
Clear state in DTLSv1_listen
2015-06-02 09:12:39 +01:00
d1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_pkt.c
Lost alert in DTLS
2015-05-22 10:24:49 +01:00
d1_srtp.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
d1_srvr.c
Stop DTLS servers asking for unsafe legacy renegotiation
2015-11-10 19:27:25 +00:00
dtls1.h
Fix d2i_SSL_SESSION for DTLS1_BAD_VER
2015-02-27 20:32:49 +00:00
heartbeat_test.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
install-ssl.com
Don't forget to install srtp.h as well
2012-05-10 15:01:22 +00:00
kssl_lcl.h
Remove the "eay" c-file-style indicators
2015-12-18 13:13:31 +01:00
kssl.c
Remove the "eay" c-file-style indicators
2015-12-18 13:13:31 +01:00
kssl.h
Remove the "eay" c-file-style indicators
2015-12-18 13:13:31 +01:00
Makefile
make update
2016-03-01 13:40:45 +00:00
s2_clnt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s2_enc.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s2_lib.c
Remove LOW from the default
2016-03-07 18:57:40 +01:00
s2_meth.c
Add no-ssl2-method
2016-03-14 21:17:18 +01:00
s2_pkt.c
Add length sanity check in SSLv2 n_do_ssl_write()
2015-04-29 17:44:02 +01:00
s2_srvr.c
Better SSLv2 cipher-suite enforcement
2016-01-28 17:06:38 +00:00
s3_both.c
Sanity check the return from final_finish_mac
2015-04-30 23:27:05 +01:00
s3_cbc.c
Ensure all EVP calls have their returns checked where appropriate
2015-11-20 15:56:42 +00:00
s3_clnt.c
Fix memory leak on invalid CertificateRequest.
2016-04-07 19:27:45 +01:00
s3_enc.c
Ensure all EVP calls have their returns checked where appropriate
2015-11-20 15:56:42 +00:00
s3_lib.c
Remove LOW from the default
2016-03-07 18:57:40 +01:00
s3_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s3_pkt.c
Don't send an alert if we've just received one
2015-05-25 23:11:02 +01:00
s3_srvr.c
Always generate DH keys for ephemeral DH cipher suites
2016-01-28 10:27:55 +00:00
s23_clnt.c
Fix session resumption
2015-09-02 00:31:33 +01:00
s23_lib.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s23_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s23_pkt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
s23_srvr.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
srtp.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl2.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl3.h
Add test for SSL_set_session_ticket_ext
2015-07-27 16:14:02 +01:00
ssl23.h
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_algs.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_asn1.c
Make no-psk compile without warnings.
2015-09-16 18:12:04 +01:00
ssl_cert.c
Set reference count earlier
2015-11-24 21:53:40 +01:00
ssl_ciph.c
Remove LOW from the default
2016-03-07 18:57:40 +01:00
ssl_err2.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_err.c
Ensure all EVP calls have their returns checked where appropriate
2015-11-20 15:56:42 +00:00
ssl_lib.c
Disable SSLv2 default build, default negotiation and weak ciphers.
2016-03-01 11:23:45 +00:00
ssl_locl.h
Remove LOW from the default
2016-03-07 18:57:40 +01:00
ssl_rsa.c
Ensure all EVP calls have their returns checked where appropriate
2015-11-20 15:56:42 +00:00
ssl_sess.c
Validate ClientHello session_id field length and send alert on failure
2016-01-19 15:42:23 +00:00
ssl_stat.c
Add Error state
2015-05-05 20:07:48 +01:00
ssl_task.c
Re-align some comments after running the reformat script.
2015-01-22 09:39:01 +00:00
ssl_txt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl_utst.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
ssl-lib.com
Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces
2014-10-15 10:49:24 +02:00
ssl.h
Add no-ssl2-method
2016-03-14 21:17:18 +01:00
ssltest.c
_BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead
2015-12-02 18:49:57 +01:00
t1_clnt.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
t1_enc.c
Fix more URLs mangled by reformat
2015-12-19 20:40:39 +00:00
t1_lib.c
Add a check for a failed malloc
2016-03-18 11:59:11 +00:00
t1_meth.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
t1_reneg.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
t1_srvr.c
Run util/openssl-format-source -v -c .
2015-01-22 09:38:39 +00:00
tls1.h
Fix references to various RFCs
2015-10-23 20:43:09 +02:00
tls_srp.c
Code style: space after 'if'
2015-04-16 13:51:51 -04:00