openssl/ssl
Matt Caswell 99ceb2d40c Add sanity check in ssl3_cbc_digest_record
For SSLv3 the code assumes that |header_length| > |md_block_size|. Whilst
this is true for all SSLv3 ciphersuites, this fact is far from obvious by
looking at the code. If this were not the case then an integer overflow
would occur, leading to a subsequent buffer overflow. Therefore I have
added an explicit sanity check to ensure header_length is always valid.
Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3
Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 29b0a15a48)
2015-04-30 23:21:53 +01:00
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_both.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
d1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_lib.c Fix Seg fault in DTLSv1_listen 2015-03-19 11:11:22 +00:00
d1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_pkt.c Harmonize return values in dtls1_buffer_record 2015-03-10 13:52:32 -07:00
d1_srtp.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_srvr.c Don't send a for ServerKeyExchange for kDHr and kDHd 2015-03-24 22:42:30 +01:00
dtls1.h Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
heartbeat_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:26 +00:00
kssl_lcl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
kssl.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
kssl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
Makefile make update 2015-04-21 17:50:36 +02:00
s2_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_enc.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_lib.c Fix reachable assert in SSLv2 servers. 2015-03-19 12:58:35 +00:00
s2_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_pkt.c Add length sanity check in SSLv2 n_do_ssl_write() 2015-04-29 17:23:45 +01:00
s2_srvr.c Harden SSLv2-supporting servers against Bleichenbacher's attack. 2015-04-08 16:28:42 +02:00
s3_both.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_cbc.c Add sanity check in ssl3_cbc_digest_record 2015-04-30 23:21:53 +01:00
s3_clnt.c Repair EAP-FAST session resumption 2015-04-21 19:31:09 +02:00
s3_enc.c Cleanse buffers 2015-03-11 10:45:23 +00:00
s3_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_pkt.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
s3_srvr.c Error out immediately on empty ciphers list. 2015-04-17 18:44:35 +02:00
s23_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_pkt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_srvr.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
srtp.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl2.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl3.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl23.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_algs.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_asn1.c Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
ssl_cert.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_ciph.c Remove export ciphers from the DEFAULT cipher list 2015-03-07 23:02:19 +01:00
ssl_conf.c Add support for ServerInfo SSL_CONF option. 2015-03-18 12:31:06 +00:00
ssl_err2.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_err.c Repair EAP-FAST session resumption 2015-04-21 19:31:09 +02:00
ssl_lib.c Add DTLS to SSL_get_version 2015-03-20 12:06:12 +00:00
ssl_locl.h fix warning 2015-03-08 17:31:48 +00:00
ssl_rsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_sess.c Fix ssl_get_prev_session overrun 2015-04-14 14:59:40 +01:00
ssl_stat.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_task.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
ssl_txt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_utst.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl-lib.com VMS fixups for 1.0.2 2015-01-07 02:15:35 +01:00
ssl.h Repair EAP-FAST session resumption 2015-04-21 19:31:09 +02:00
ssltest.c Add DTLS support to ssltest 2015-03-20 12:09:22 +00:00
t1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_enc.c Sanity check EVP_CTRL_AEAD_TLS_AAD 2015-04-30 23:21:50 +01:00
t1_ext.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_lib.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
t1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_reneg.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_srvr.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_trce.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls1.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls_srp.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00