generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
bdcd660e33710079b495cf5cc6a1aaa5d2dcd317
openssl/crypto
History
Viktor Dukhovni bdcd660e33 Bugfix: in asn1parse avoid erroneous len after a sub-sequence 
Introduced in:

    commit 79c7f74d6c
    Author: Ben Laurie <ben@links.org>
    Date:   Tue Mar 29 19:37:57 2016 +0100

    Fix buffer overrun in ASN1_parse().

Problem input:

    https://tools.ietf.org/html/draft-ietf-curdle-pkix-eddsa-00#section-8.1
    -----BEGIN PUBLIC KEY-----
    MC0wCAYDK2VkCgECAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
    -----END PUBLIC KEY-----

Previously:

        0:d=0  hl=2 l=  45 cons: SEQUENCE
        2:d=1  hl=2 l=   8 cons: SEQUENCE
        4:d=2  hl=2 l=   3 prim: OBJECT            :1.3.101.100
        9:d=2  hl=2 l=   1 prim: ENUMERATED        :02
    Error in encoding
    140735164989440:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:148:

Now:

    0:d=0  hl=2 l=  45 cons: SEQUENCE
    2:d=1  hl=2 l=   8 cons: SEQUENCE
    4:d=2  hl=2 l=   3 prim: OBJECT            :1.3.101.100
    9:d=2  hl=2 l=   1 prim: ENUMERATED        :02
   12:d=1  hl=2 l=  33 prim: BIT STRING
      0000 - 00 19 bf 44 09 69 84 cd-fe 85 41 ba c1 67 dc 3b   ...D.i....A..g.;
      0010 - 96 c8 50 86 aa 30 b6 b6-cb 0c 5c 38 ad 70 31 66   ..P..0....\8.p1f
      0020 - e1                                                .

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 02:41:30 -04:00
..
aes
PPC assembly pack: remove branch hints.
2016-04-07 21:27:24 +02:00
asn1
Bugfix: in asn1parse avoid erroneous len after a sub-sequence
2016-04-14 02:41:30 -04:00
async
Fix memory leak where fdlookup linked list is not freed during
2016-03-21 16:57:34 +00:00
bf
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
bio
Rename int_*() functions to *_int()
2016-04-13 08:59:03 +01:00
blake2
Clean-up *_DEBUG options.
2016-04-07 21:18:00 +02:00
bn
PPC assembly pack: remove branch hints.
2016-04-07 21:27:24 +02:00
buffer
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
camellia
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
cast
Disable some sanitizer checks without PEDANTIC
2016-04-10 01:50:45 +02:00
chacha
chacha/asm/chacha-armv8.pl: fix intermittent build failures.
2016-04-13 12:07:31 +02:00
cmac
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
cms
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
comp
Remake the way dynamic zlib is loaded
2016-04-13 11:36:46 +02:00
conf
Rename int_*() functions to *_int()
2016-04-13 08:59:03 +01:00
ct
make update
2016-04-07 14:41:34 -04:00
des
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
dh
Add documentation for following DH and DH_METHOD opacity
2016-04-09 10:10:55 +01:00
dsa
Fix double free bug in error path
2016-04-09 10:10:55 +01:00
dso
VMS: update the properties of symbol search
2016-03-23 19:58:12 +01:00
ec
RT 4393: Call EC_GROUP_order_bits in priv2opt.
2016-03-29 20:03:48 +02:00
engine
Rename int_*() functions to *_int()
2016-04-13 08:59:03 +01:00
err
Need err_load_crypto_strings_int declared.
2016-04-13 16:22:58 -04:00
evp
Remove OPENSSL_NO_SHA guards
2016-04-13 21:25:24 +01:00
hmac
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
idea
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
include/internal
Move a declaration that's private to libcrypto
2016-04-13 15:23:47 +02:00
kdf
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
lhash
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
md2
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
md4
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
md5
Build system: VC-WIN64I fixups.
2016-03-21 11:44:27 +01:00
mdc2
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
modes
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
objects
Remove check_defer()
2016-04-13 15:05:07 +01:00
ocsp
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
pem
Make the RSA structure opaque
2016-04-06 16:19:17 +02:00
perlasm
PPC assebmly pack: initial POWER9 support tidbits.
2016-04-13 12:09:46 +02:00
pkcs7
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
pkcs12
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
poly1305
Revert "various spelling fixes"
2016-04-04 16:11:43 -04:00
rand
Rename int_*() functions to *_int()
2016-04-13 08:59:03 +01:00
rc2
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
rc4
Build system: VC-WIN64I fixups.
2016-03-21 11:44:27 +01:00
rc5
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
ripemd
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
rsa
Make the RSA_METHOD structure opaque
2016-04-06 16:19:20 +02:00
seed
crypto/seed: add small-footprint path.
2016-03-29 09:53:51 +02:00
sha
PPC assembly pack: remove branch hints.
2016-04-07 21:27:24 +02:00
srp
Revert "various spelling fixes"
2016-04-04 16:11:43 -04:00
stack
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
ts
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
txt_db
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
ui
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
whrlpool
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
x509
Add SSL_DANE typedef for consistency.
2016-04-08 09:30:23 -04:00
x509v3
Revert "various spelling fixes"
2016-04-04 16:11:43 -04:00
alphacpuid.pl
Unified - adapt the generation of cpuid, uplink and buildinf to use GENERATE
2016-03-09 11:09:26 +01:00
arm64cpuid.pl
Add assembly support to ios64-cross.
2015-01-23 15:38:41 +01:00
arm_arch.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
armcap.c
Add assembly support for 32-bit iOS.
2015-04-20 15:06:22 +02:00
armv4cpuid.pl
ARMv4 assembly pack: implement support for Thumb2.
2015-09-25 13:34:02 +02:00
build.info
Break out DllMain from crypto/cryptlib.c and use it in shared libs only
2016-03-30 11:22:42 +02:00
c64xpluscpuid.pl
cpt_err.c
After renaming init, update errors.
2016-02-10 15:52:32 -05:00
cryptlib.c
Break out DllMain from crypto/cryptlib.c and use it in shared libs only
2016-03-30 11:22:42 +02:00
cversion.c
Make it possible to get ENGINESDIR info from OpenSSL_versions
2016-02-10 19:36:48 +01:00
dllmain.c
Break out DllMain from crypto/cryptlib.c and use it in shared libs only
2016-03-30 11:22:42 +02:00
ebcdic.c
Use NON_EMPTY_TRANSLATION_UNIT, consistently.
2016-02-09 20:13:29 -05:00
ex_data.c
Rename int_*() functions to *_int()
2016-04-13 08:59:03 +01:00
fips_err.h
Remove /* foo.c */ comments
2016-01-26 16:40:43 -05:00
fips_ers.c
Use NON_EMPTY_TRANSLATION_UNIT, consistently.
2016-02-09 20:13:29 -05:00
ia64cpuid.S
init.c
Remove check_defer()
2016-04-13 15:05:07 +01:00
LPdir_nyi.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_unix.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
LPdir_vms.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
LPdir_win32.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
LPdir_win.c
memset, memcpy, sizeof consistency fixes
2015-05-05 22:18:59 -04:00
LPdir_wince.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
Makefile.in
Remove the remainder of util/mk1mf.pl and companion scripts
2016-03-21 11:02:00 +01:00
mem_clr.c
RT4116: Change cleanse to just memset
2016-02-25 10:04:00 -05:00
mem_dbg.c
Remove the CRYPTO_mem_leaks adjustment for the BIO
2016-03-31 00:12:47 +01:00
mem_sec.c
Convert mem_dbg and mem_sec to the new Thread API
2016-03-08 21:06:04 +00:00
mem.c
Build fix: remove cleanse_ctr
2016-02-25 10:19:50 -05:00
o_dir.c
Remove /* foo.c */ comments
2016-01-26 16:40:43 -05:00
o_fips.c
Identify and move common internal libcrypto header files
2015-05-14 17:21:40 +02:00
o_init.c
Remove /* foo.c */ comments
2016-01-26 16:40:43 -05:00
o_str.c
Fix master compile error
2016-02-26 16:50:59 +00:00
o_time.c
Remove Netware and OS/2
2016-03-17 17:06:57 -04:00
pariscid.pl
ppc_arch.h
PPC assebmly pack: initial POWER9 support tidbits.
2016-04-13 12:09:46 +02:00
ppccap.c
PPC assebmly pack: initial POWER9 support tidbits.
2016-04-13 12:09:46 +02:00
ppccpuid.pl
PPC assebmly pack: initial POWER9 support tidbits.
2016-04-13 12:09:46 +02:00
s390xcap.c
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
s390xcpuid.S
sparc_arch.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
sparccpuid.S
Conversion to UTF-8 where needed
2015-07-14 01:10:01 +02:00
sparcv9cap.c
crypto/sparcv9cap.c: add SIGILL-free feature detection for Solaris.
2015-12-02 10:53:33 +01:00
threads_none.c
Implement new multi-threading API
2016-02-26 10:00:36 +00:00
threads_pthread.c
GH773: Possible leak on CRYPTO_THREAD_lock_new failure
2016-03-03 19:47:01 -05:00
threads_win.c
Fix: CRYPTO_THREAD_run_once
2016-04-02 16:56:09 -04:00
uid.c
Remove Netware and OS/2
2016-03-17 17:06:57 -04:00
vms_rms.h
Run util/openssl-format-source -v -c .
2015-01-22 09:20:09 +00:00
x86_64cpuid.pl
x86cpuid.pl
Unified - adapt the generation of cpuid, uplink and buildinf to use GENERATE
2016-03-09 11:09:26 +01:00