openssl/asn1 at d2866063015d839569c2323cae85d1d27ccdb484 - openssl - Atria-soft GIT

generic-library/openssl

History

Emilia Kasper b9a73f5481 Fix OID handling:

- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

2014-08-06 22:02:00 +01:00

..

.cvsignore

Add emacs cache files to .cvsignore.

2005-04-11 14:17:07 +00:00

a_bitstr.c

improved error checking and some fixes

2005-07-26 20:55:17 +00:00

a_bool.c

Constify d2i, s2i, c2i and r2i functions and other associated

2004-03-15 23:15:26 +00:00

a_bytes.c

PR: 1835

2009-02-14 21:50:14 +00:00

a_d2i_fp.c

Check for potentially exploitable overflows in asn1_d2i_read_bio

2012-04-19 11:36:09 +00:00

a_digest.c

Consistency.

2005-03-31 13:57:54 +00:00

a_dup.c

Update util/ck_errf.pl script, and have it run automatically

2005-05-09 00:27:37 +00:00

a_enum.c

- use BN_set_negative and BN_is_negative instead of BN_set_sign

2005-04-22 20:02:44 +00:00

a_gentm.c

Add lots of checks for memory allocation failure, error codes to indicate

2004-12-05 01:03:15 +00:00

a_hdr.c

Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.

2005-04-20 21:48:06 +00:00

a_i2d_fp.c

Update util/ck_errf.pl script, and have it run automatically

2005-05-09 00:27:37 +00:00

a_int.c

Encode INTEGER correctly.

2013-03-18 14:19:40 +00:00

a_mbstr.c

Fix unitialized warnings

2009-10-04 16:53:18 +00:00

a_meth.c

Give everything prototypes (well, everything that's actually used).

2005-03-31 09:26:39 +00:00

a_object.c

Fix OID handling:

2014-08-06 22:02:00 +01:00

a_octet.c

Constify d2i, s2i, c2i and r2i functions and other associated

2004-03-15 23:15:26 +00:00

a_print.c

Constification.

2005-03-30 10:26:02 +00:00

a_set.c

Simplicate and add lightness.

2005-03-31 10:55:55 +00:00

a_sign.c

Check for errors in ASN1 sign and verify routines.

2008-09-25 16:38:07 +00:00

a_strex.c

Fix Valgrind warning.

2012-09-24 19:50:07 +00:00

a_strnid.c

Set default global mask to UTF8 only.

2014-06-01 15:04:49 +01:00

a_time.c

Use BUF_strlcpy() instead of strcpy().

2003-12-27 14:40:17 +00:00

a_type.c

Backport some useful ASN1 utility functions from HEAD.

2008-04-02 11:11:51 +00:00

a_utctm.c

Remove duplicate lines.

2004-12-12 13:15:49 +00:00

a_utf8.c

Merge from the ASN1 branch of new ASN1 code

2000-12-08 19:09:35 +00:00

a_verify.c

Don't try and verify signatures if key is NULL (CVE-2013-0166)

2013-02-05 16:50:31 +00:00

asn1_err.c

Reject leading 0x80 in OID subidentifiers.

2009-08-06 16:22:57 +00:00

asn1_gen.c

check new_der for NULL too

2009-11-10 00:46:57 +00:00

asn1_lib.c

ASN1 sanity check.

2014-07-02 01:01:55 +01:00

asn1_mac.h

Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.

2005-04-20 21:48:06 +00:00

asn1_par.c

PR: 2056

2009-10-01 00:12:49 +00:00

asn1.h

PR: 2433

2011-01-24 16:21:00 +00:00

asn1t.h

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

asn_mime.c

Memory leak and NULL dereference fixes.

2014-06-27 15:33:18 +01:00

asn_moid.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

asn_pack.c

Memory leak and NULL dereference fixes.

2014-06-27 15:33:18 +01:00

charmap.h

New ASN1_STRING_print_ex() and X509_NAME_print_ex()

2000-07-28 01:58:15 +00:00

charmap.pl

New ASN1_STRING_print_ex() and X509_NAME_print_ex()

2000-07-28 01:58:15 +00:00

d2i_pr.c

ecc api cleanup; summary:

2005-05-16 10:11:04 +00:00

d2i_pu.c

ecc api cleanup; summary:

2005-05-16 10:11:04 +00:00

evp_asn1.c

Memory leak and NULL dereference fixes.

2014-06-27 15:33:18 +01:00

f_enum.c

There have been a number of complaints from a number of sources that names

2000-06-01 22:19:21 +00:00

f_int.c

Security fixes brought forward from 0.9.7.

2002-11-13 15:43:43 +00:00

f_string.c

There have been a number of complaints from a number of sources that names

2000-06-01 22:19:21 +00:00

i2d_pr.c

ecc api cleanup; summary:

2005-05-16 10:11:04 +00:00

i2d_pu.c

ecc api cleanup; summary:

2005-05-16 10:11:04 +00:00

Makefile

Make update: delete duplicate error code.

2008-09-17 17:11:09 +00:00

n_pkey.c

Fix gcc 4.6 warnings. Check TLS server hello extension length.

2010-06-12 13:18:58 +00:00

nsseq.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

p5_pbe.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

p5_pbev2.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

p8_key.c

There have been a number of complaints from a number of sources that names

2000-06-01 22:19:21 +00:00

p8_pkey.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

t_bitst.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

t_crl.c

Fix gcc 4.6 warnings. Check TLS server hello extension length.

2010-06-12 13:18:58 +00:00

t_pkey.c

Print out DSA key if parameters absent.

2013-04-07 22:50:55 +01:00

t_req.c

Update from HEAD.

2007-05-22 23:33:08 +00:00

t_spki.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

t_x509.c

Memory leak and NULL dereference fixes.

2014-06-27 15:33:18 +01:00

t_x509a.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

tasn_dec.c

Fix gcc 4.6 warnings. Check TLS server hello extension length.

2010-06-12 13:18:58 +00:00

tasn_enc.c

Memory leak and NULL dereference fixes.

2014-06-27 15:33:18 +01:00

tasn_fre.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

tasn_new.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

tasn_prn.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

tasn_typ.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

tasn_utl.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

x_algor.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

x_attrib.c

More linker bloat reorganisation:

2001-07-27 02:22:42 +00:00

x_bignum.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

x_crl.c

gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.

2007-09-06 12:43:54 +00:00

x_exten.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

x_info.c

Merge from the ASN1 branch of new ASN1 code

2000-12-08 19:09:35 +00:00

x_long.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00

x_name.c

Fix memory leak on bad inputs.

2011-09-05 09:56:48 +00:00

x_pkey.c

Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts.

2005-04-20 21:48:06 +00:00

x_pubkey.c

PR: 2813

2012-05-11 13:49:15 +00:00

x_req.c

Fix from HEAD.

2006-09-22 17:07:40 +00:00

x_sig.c

Get rid of ASN1_ITEM_FUNCTIONS dummy function

2001-02-23 12:47:06 +00:00

x_spki.c

Get rid of ASN1_ITEM_FUNCTIONS dummy function

2001-02-23 12:47:06 +00:00

x_val.c

Get rid of ASN1_ITEM_FUNCTIONS dummy function

2001-02-23 12:47:06 +00:00

x_x509.c

Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),

2010-10-03 18:55:57 +00:00

x_x509a.c

Change old obsolete email address...

2008-11-05 18:36:57 +00:00