openssl

History

Matt Caswell 974d4d675c Sanity check EVP_CTRL_AEAD_TLS_AAD

The various implementations of EVP_CTRL_AEAD_TLS_AAD expect a buffer of at
least 13 bytes long. Add sanity checks to ensure that the length is at
least that. Also add a new constant (EVP_AEAD_TLS1_AAD_LEN) to evp.h to
represent this length. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit c8269881093324b881b81472be037055571f73f3)

Conflicts:
	ssl/record/ssl3_record.c

Conflicts:
	apps/speed.c
	crypto/evp/e_aes_cbc_hmac_sha256.c
	crypto/evp/evp.h

2015-04-30 23:26:06 +01:00

aes

Fix undefined behaviour in shifts.

2015-03-13 21:14:56 -07:00

asn1

Fix encoding bug in i2c_ASN1_INTEGER

2015-04-18 14:44:17 +01:00

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

bio

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

buffer

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

camellia

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cast

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

cmac

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cms

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

comp

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

conf

RT3670: Check return from BUF_MEM_grow_clean

2015-02-12 13:01:42 -05:00

des

Sanity check DES_enc_write buffer length

2015-04-30 23:24:21 +01:00

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

dsa

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

dso

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

Ensure EC private keys retain leading zeros

2015-03-31 16:41:33 +01:00

ecdh

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ecdsa

Fix RAND_(pseudo_)?_bytes returns

2015-03-25 12:45:17 +00:00

engine

Please Clang's sanitizer, addendum.

2015-04-16 18:29:49 +02:00

err

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

evp

Sanity check EVP_CTRL_AEAD_TLS_AAD

2015-04-30 23:26:06 +01:00

hmac

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

idea

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

jpake

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

krb5

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

lhash

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

md2

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

md4

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

md5

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

mdc2

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

modes

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

objects

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

ocsp

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

pem

Fix uninitialized variable warning

2015-03-25 15:19:20 +01:00

perlasm

Reduce version skew.

2012-06-08 09:18:47 +00:00

pkcs7

PKCS#7: avoid NULL pointer dereferences with missing content

2015-03-19 12:59:31 +00:00

pkcs12

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

pqueue

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

rand

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

rc2

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

rc4

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

rc5

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ripemd

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

rsa

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

seed

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

sha

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

srp

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

stack

make update

2015-03-19 13:38:37 +00:00

store

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

threads

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

txt_db

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

Assume TERMIOS is default, remove TERMIO on all Linux.

2015-02-22 09:15:11 +01:00

whrlpool

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

x509

X509_VERIFY_PARAM_free: Check param for NULL

2015-04-11 20:57:43 +02:00

x509v3

Code style: space after 'if'

2015-04-16 13:51:51 -04:00

.cvsignore

Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev

2008-04-17 10:19:16 +00:00

alphacpuid.pl

Alpha assembler fixed from HEAD.

2011-08-12 12:31:08 +00:00

arm_arch.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

armcap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

armv4cpuid.S

ARM assembler pack update from HEAD.

2011-11-14 20:58:01 +00:00

constant_time_locl.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

constant_time_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cpt_err.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cryptlib.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cryptlib.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

crypto-lib.com

Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces

2014-10-15 10:49:24 +02:00

crypto.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

cversion.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ebcdic.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ebcdic.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ex_data.c

Fix memory leak reporting.

2015-02-09 13:01:28 +00:00

fips_err.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

fips_ers.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ia64cpuid.S

IA64 assembler pack update from HEAD.

2011-11-14 20:45:57 +00:00

install-crypto.com

Adjust VMS build to Unix build. Most of all, make it so the disabled

2014-10-15 10:49:08 +02:00

LPdir_nyi.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_unix.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_vms.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_win32.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_win.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

LPdir_wince.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

Makefile

Make output from openssl version -f consistent with previous versions

2015-01-13 11:29:11 +00:00

md32_common.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

mem_clr.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

mem_dbg.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

mem.c

Fix CRYPTO_strdup

2015-04-22 17:24:47 +01:00

o_dir_test.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_dir.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_dir.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_fips.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_init.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_str.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_str.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

o_time.c

Re-align some comments after running the reformat script.

2015-01-22 09:39:01 +00:00

o_time.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

opensslconf.h.in

Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and

2005-12-16 10:37:24 +00:00

opensslv.h

Prepare for 1.0.1n-dev

2015-03-19 13:41:07 +00:00

ossl_typ.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

pariscid.pl

PA-RISC assembler pack: switch to bve in 64-bit builds.

2013-06-30 23:15:53 +02:00

ppccap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

ppccpuid.pl

ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance

2012-04-27 20:20:15 +00:00

s390xcap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

s390xcpuid.S

s390x assembler pack update from HEAD.

2011-11-14 20:47:22 +00:00

sparccpuid.S

sparccpuid.S: work around emulator bug on T1.

2013-02-11 10:41:57 +01:00

sparcv9cap.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

symhacks.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

uid.c

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

vms_rms.h

Run util/openssl-format-source -v -c .

2015-01-22 09:38:39 +00:00

x86_64cpuid.pl

x86_64 assembly pack: make Windows build more robust [from master].

2013-01-22 22:54:04 +01:00

x86cpuid.pl

x86cpuid.pl: make it work with older CPUs.

2013-03-18 19:50:23 +01:00