Emilia Kasper 03b04ddac1 Fix OID handling: ...

- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

2014-08-06 20:27:51 +01:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

Makefile

make update

2014-01-06 13:33:27 +00:00

o_names.c

Fix some clang warnings.

2013-01-14 00:22:28 +00:00

obj_dat.c

Fix OID handling:

2014-08-06 20:27:51 +01:00

obj_dat.h

incomplete provisional OAEP CMS decrypt support

2012-01-02 18:16:40 +00:00

obj_dat.pl

Fix OID encoding for one component.

2014-06-27 03:17:15 +01:00

obj_err.c

Update from 0.9.8 stable. Eliminate duplicate error codes.

2006-11-21 21:29:44 +00:00

obj_lib.c

Revert the size_t modifications from HEAD that had led to more

2008-11-12 03:58:08 +00:00

obj_mac.h

incomplete provisional OAEP CMS decrypt support

2012-01-02 18:16:40 +00:00

obj_mac.num

incomplete provisional OAEP CMS decrypt support

2012-01-02 18:16:40 +00:00

obj_xref.c

? crypto/aes/aes-armv4.S

2011-10-06 20:45:08 +00:00

obj_xref.h

Backport PSS signature support from HEAD.

2011-10-09 23:13:50 +00:00

obj_xref.txt

Backport PSS signature support from HEAD.

2011-10-09 23:13:50 +00:00

objects.h

Fix for VC++ 6 which chokes on the empty argument.

2009-04-04 11:44:48 +00:00

objects.pl

Produce meaningful error if sanity check fails.

2008-03-19 17:01:12 +00:00

objects.README

I got sick and tired of having to keep track of NIDs when such a thing

2000-07-05 02:45:36 +00:00

objects.txt

incomplete provisional OAEP CMS decrypt support

2012-01-02 18:16:40 +00:00

objxref.pl

Use basename of objxref.pl not whole path in generated header.

2009-04-06 16:16:23 +00:00