generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
openssl/crypto
History
Emilia Kasper 57b0c4697a Fix OID handling: 
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 21:30:39 +01:00
..
aes
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
asn1
Fix OID handling:
2014-08-06 21:30:39 +01:00
bf
Revert the size_t modifications from HEAD that had led to more
2008-11-12 03:58:08 +00:00
bio
Fix memory leak in BIO_free if there is no destroy function.
2014-07-09 23:37:04 +01:00
bn
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
2014-07-13 22:25:53 +01:00
buffer
Constification.
2013-10-01 15:26:14 +01:00
camellia
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
cast
Constify crypto/cast.
2009-12-22 11:45:59 +00:00
cms
Set version number correctly.
2014-05-29 14:12:13 +01:00
comp
Assorted bugfixes:
2011-02-03 12:04:40 +00:00
conf
Prevent infinite loop loading config files.
2014-07-07 13:50:52 +01:00
des
PR: 2266
2010-05-26 23:23:44 +00:00
dh
PR: 1644
2009-09-06 15:49:12 +00:00
dsa
make EVP_dss() work for DSA signing
2011-06-20 20:05:38 +00:00
dso
Fix a wrong parameter count ERR_add_error_data
2014-05-19 22:18:23 +01:00
ec
Simplify and fix ec_GFp_simple_points_make_affine
2014-08-01 17:58:26 +02:00
ecdh
Fix EC_KEY initialization race.
2012-10-05 20:51:31 +00:00
ecdsa
Fix EC_KEY initialization race.
2012-10-05 20:51:31 +00:00
engine
Add loaded dynamic ENGINEs to list.
2014-01-28 13:57:58 +00:00
err
Don't include comp.h if no-comp set.
2013-01-20 01:12:15 +00:00
evp
Fix for EVP_PBE_alg_add().
2014-06-27 22:59:13 +01:00
hmac
inherit HMAC flags from MD_CTX
2011-05-19 17:39:49 +00:00
idea
Fix typo in ideatest.c
2014-06-28 00:06:47 +01:00
jpake
J-PAKE was not correctly checking values, which could lead to attacks.
2010-11-24 13:48:12 +00:00
krb5
Further BUILDENV refinement, further fool-proofing of Makefiles and
2005-05-16 16:55:47 +00:00
lhash
Revert lhash patch for PR#2124
2009-12-09 15:00:20 +00:00
md2
Constify seed and md2.
2007-08-31 10:12:35 +00:00
md4
Remove unnecessary casts and avoid some warnings with gcc 4.2.
2007-06-07 16:07:57 +00:00
md5
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
mdc2
Update filenames in makefiles.
2006-02-04 01:45:59 +00:00
modes
crypto/modes: strict aliasing fixes from master.
2014-04-06 17:23:55 +02:00
objects
Fix OID handling:
2014-08-06 21:30:39 +01:00
ocsp
Handle IPv6 addresses in OCSP_parse_url.
2014-06-27 17:31:50 +01:00
pem
Sanity check keylength in PVK files.
2014-07-06 00:36:10 +01:00
perlasm
x86_64-xlate.pl: remove old kludge.
2012-03-13 19:19:57 +00:00
pkcs7
Remove ancient obsolete files under pkcs7.
2014-06-27 13:56:53 +01:00
pkcs12
Fix memory leak.
2014-05-29 14:12:13 +01:00
pqueue
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
rand
Create ~/.rnd with mode 0600 instead of 0666
2014-06-08 21:29:23 +01:00
rc2
Wire RC4 key_table to read-only segment.
2007-09-18 21:10:32 +00:00
rc4
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
rc5
Make inline assembler clang-friendly [from HEAD].
2010-08-02 21:54:23 +00:00
ripemd
PR: 1835
2009-02-14 21:49:38 +00:00
rsa
Return smaller of ret and f.
2014-07-05 22:38:56 +01:00
seed
Engage crypto/modes.
2008-12-23 11:33:01 +00:00
sha
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
stack
make update
2014-06-05 10:42:13 +01:00
store
Make it possible to disable STORE.
2009-02-19 09:42:51 +00:00
threads
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
2009-05-15 16:37:08 +00:00
ts
Fix double frees.
2014-04-22 22:52:26 +01:00
txt_db
Change STRING to OPENSSL_STRING etc as common words such
2009-07-27 21:08:53 +00:00
ui
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
2014-07-13 19:16:06 +02:00
whrlpool
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
x509
x509/by_dir.c: fix run-away pointer (and potential SEGV)
2014-02-24 15:24:14 +01:00
x509v3
Extension checking fixes.
2014-04-15 18:53:14 +01:00
.cvsignore
Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
2008-04-17 10:19:16 +00:00
alphacpuid.pl
Alpha assembler fixes from HEAD.
2011-08-12 12:32:10 +00:00
cpt_err.c
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
cryptlib.c
Avoid Windows 8 Getversion deprecated errors.
2014-02-25 13:43:04 +00:00
cryptlib.h
export OPENSSL_isservice and make update
2010-01-26 13:55:33 +00:00
crypto-lib.com
Cosmetic: Reorder so it's more similar to the Unixly build.
2012-07-04 17:27:43 +00:00
crypto.h
Add and use a constant-time memcmp.
2013-02-05 16:46:15 +00:00
cversion.c
(oops) Apologies all, that last header-cleanup commit was from the wrong
2004-04-19 18:09:28 +00:00
ebcdic.c
Oops, this file already had the "empty source file" workaround but it
2003-10-29 22:25:04 +00:00
ebcdic.h
ex_data.c
Avoid warnings with -pedantic, specifically:
2008-07-04 23:12:52 +00:00
ia64cpuid.S
Make assembly language versions of OPENSSL_cleanse() accept zero length
2010-02-12 17:02:13 +00:00
install-crypto.com
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
LPdir_nyi.c
Copy a few files from LPlib (a new project of mine), add a wrapper.
2004-07-10 13:16:02 +00:00
LPdir_unix.c
Import changed files from LPlib. The changes are logged as follows
2004-09-23 22:11:39 +00:00
LPdir_vms.c
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
LPdir_win32.c
Import changed files from LPlib. The changes are logged as follows
2004-09-23 22:11:39 +00:00
LPdir_win.c
Fix mingw warnings.
2006-10-23 07:41:05 +00:00
LPdir_wince.c
Import changed files from LPlib. The changes are logged as follows
2004-09-23 22:11:39 +00:00
Makefile
Replace alphacpuid.s with alphacpuid.pl to ensure it makes to release tar-balls [from HEAD].
2010-07-26 22:09:59 +00:00
md32_common.h
Make inline assembler clang-friendly [from HEAD].
2010-08-02 21:54:23 +00:00
mem_clr.c
Fix warning.
2007-06-23 18:47:51 +00:00
mem_dbg.c
PR: 1894
2009-04-16 17:22:51 +00:00
mem.c
Check for potentially exploitable overflows in asn1_d2i_read_bio
2012-04-19 11:44:51 +00:00
o_dir_test.c
Copy a few files from LPlib (a new project of mine), add a wrapper.
2004-07-10 13:16:02 +00:00
o_dir.c
DJGPP has opendir() and friends, according to Gisle Vanem <giva@bgnett.no>.
2004-08-03 19:15:21 +00:00
o_dir.h
Copy a few files from LPlib (a new project of mine), add a wrapper.
2004-07-10 13:16:02 +00:00
o_str.c
Update from HEAD.
2009-06-01 12:14:15 +00:00
o_str.h
"Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups.
2005-09-20 20:19:07 +00:00
o_time.c
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
o_time.h
Experimental new date handling routines. These fix issues with X509_time_adj()
2008-10-07 22:55:27 +00:00
opensslconf.h.in
Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and
2005-12-16 10:37:24 +00:00
opensslv.h
Prepare for 1.0.0n-dev
2014-06-05 10:43:52 +01:00
ossl_typ.h
Update from stable branch.
2008-11-11 12:23:18 +00:00
ppccpuid.pl
ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance
2012-04-27 20:21:26 +00:00
s390xcap.c
s390x assembler update: add support for run-time facility detection [from HEAD].
2010-01-19 21:40:58 +00:00
s390xcpuid.S
Make assembly language versions of OPENSSL_cleanse() accept zero length
2010-02-12 17:02:13 +00:00
sparccpuid.S
sparccpuid.S: work around emulator bug on T1.
2013-02-11 10:42:32 +01:00
sparcv9cap.c
sparcv9cap.c: disengange Solaris-specific CPU detection routine in favour
2010-09-05 19:48:01 +00:00
symhacks.h
VMS fixes
2014-01-11 22:42:15 +00:00
uid.c
Netware-specific changes,
2003-11-28 13:10:58 +00:00
vms_rms.h
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
x86_64cpuid.pl
x86_64 assembly pack: make Windows build more robust [from master].
2013-01-22 23:00:02 +01:00
x86cpuid.pl
x86cpuid.pl: make it work with older CPUs.
2013-03-18 19:51:13 +01:00