openssl/crypto
Jiasheng Jiang 882a387d0d rsa/rsa_pmeth.c: Add the checks for the EVP_MD_CTX_get_size()
Add the checks for the return value of EVP_MD_CTX_get_size() before explicitly
cast them to size_t to avoid the integer overflow.

Fixes: 75d44c0452 ("Store digests as EVP_MD instead of a NID.")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23953)
2024-04-03 11:21:29 +02:00
..
aes Fix a few incorrect paths in some build.info files 2024-02-02 14:12:49 +01:00
aria
asn1 Add appropriate lower bound checks for GeneralizedTime and UTCTime 2024-02-25 09:17:41 +01:00
async
bf
bio BIO_s_connect: Do not set keepalive on dgram sockets 2024-04-02 19:04:10 +02:00
bn Fix GCC compilation -Waggressive-loop-optimizations 2024-04-02 13:21:59 -04:00
buffer
camellia
cast Copyright year updates 2023-09-07 09:59:15 +01:00
chacha chachap10-ppc.pl: Fix truncated relocation 2024-02-22 13:11:24 +01:00
cmac Add appropriate NULL checks in EVP_CIPHER api 2024-01-25 08:27:53 -05:00
cmp crypto/cmp: add OSSL_CMP_MSG_get0_certreq_publickey(); fix coding style nit 2024-03-06 08:49:28 +01:00
cms Add appropriate NULL checks in EVP_CIPHER api 2024-01-25 08:27:53 -05:00
comp Copyright year updates 2023-09-07 09:59:15 +01:00
conf plug potential memory leak in error code path 2024-03-15 13:42:57 +01:00
crmf Copyright year updates 2023-09-07 09:59:15 +01:00
ct
des Copyright year updates 2023-09-07 09:59:15 +01:00
dh Fix typos 2024-01-23 14:31:03 +00:00
dsa Fix handling of NULL sig parameter in ECDSA_sign and similar 2024-04-02 17:47:29 +02:00
dso replace strstr() with strchr() for single characters 2024-01-25 16:39:09 +01:00
ec Remove handling of NULL sig param in ossl_ecdsa_deterministic_sign 2024-04-02 17:47:29 +02:00
encode_decode Check for NULL cleanup function before using it in encoder_process 2024-02-16 08:34:11 -05:00
engine Revert "Improved detection of engine-provided private "classic" keys" 2024-01-31 18:40:13 +01:00
err Limit the number of http headers when receiving the http response 2024-03-12 19:35:41 +01:00
ess
evp Fix unbounded memory growth when using no-cached-fetch 2024-03-15 18:10:49 +00:00
ffc DH_check_pub_key() should not fail when setting result code 2023-10-11 16:22:27 +02:00
hmac
hpke OpenSSL License is applied for some source files, change to Apache 2 2024-02-19 10:06:04 +01:00
http Limit the number of http headers when receiving the http response 2024-03-12 19:35:41 +01:00
idea
kdf
lhash Introduce hash thunking functions to do proper casting 2024-01-17 10:47:04 -05:00
md2
md4
md5 md5: add assembly implementation for loongarch64 2023-12-27 10:15:29 +01:00
mdc2
modes aes_platform.h, gcm128.c: fix Darwin PowerPC macro to include ppc64 2024-01-12 19:33:33 +01:00
objects Add Content Type OID for id-ct-rpkiSignedPrefixList 2024-03-15 09:10:22 +01:00
ocsp Copyright year updates 2023-09-07 09:59:15 +01:00
pem Copyright year updates 2023-09-28 14:23:29 +01:00
perlasm x86_64-xlate.pl: Fix build with icx and nvc compilers 2023-11-24 17:21:39 +01:00
pkcs7 PKCS7: Remove one of the duplicate checks 2024-03-11 15:19:15 +01:00
pkcs12 Add NULL checks where ContentInfo data can be NULL 2024-01-25 15:27:43 +00:00
poly1305 poly1305_ieee754.c: fix PowerPC macros 2024-01-15 10:45:07 +01:00
property Fixed Visual Studio 2008 compiler errors 2024-02-16 16:34:29 +01:00
rand internal/common.h: rename macro (un)likely to ossl_(un)likely 2023-11-03 21:08:22 +01:00
rc2 Copyright year updates 2023-09-07 09:59:15 +01:00
rc4 Copyright year updates 2023-09-07 09:59:15 +01:00
rc5 Copyright year updates 2023-09-07 09:59:15 +01:00
ripemd
rsa rsa/rsa_pmeth.c: Add the checks for the EVP_MD_CTX_get_size() 2024-04-03 11:21:29 +02:00
seed
sha Fix a few incorrect paths in some build.info files 2024-02-02 14:12:49 +01:00
siphash
sm2 Fix handling of NULL sig parameter in ECDSA_sign and similar 2024-04-02 17:47:29 +02:00
sm3 riscv: Support sm3 on platforms with vlen >= 128. 2023-10-26 15:55:50 +01:00
sm4 Fix sm4-xts aarch64 assembly implementation bug 2024-02-08 09:55:11 +01:00
srp Copyright year updates 2023-09-28 14:23:29 +01:00
stack Make OPENSSL_sk_push return only 0 or 1 2024-01-04 14:51:48 +01:00
store Add OPENSSL_free to avoid mem leak 2024-04-01 12:59:17 -04:00
thread Copyright year updates 2023-09-07 09:59:15 +01:00
ts Copyright year updates 2023-09-07 09:59:15 +01:00
txt_db Copyright year updates 2023-09-07 09:59:15 +01:00
ui Copyright year updates 2023-09-07 09:59:15 +01:00
whrlpool Copyright year updates 2023-09-07 09:59:15 +01:00
x509 x509/x509_set.c: Add the check for the EVP_MD_CTX_get_size() 2024-03-30 09:23:56 -04:00
alphacpuid.pl
arm64cpuid.pl
arm_arch.h Apply the AES-GCM unroll8 optimisation to Microsoft Azure Cobalt 100 2024-02-22 16:07:02 +01:00
armcap.c Apply the AES-GCM unroll8 optimisation to Microsoft Azure Cobalt 100 2024-02-22 16:07:02 +01:00
armv4cpuid.pl Copyright year updates 2023-09-07 09:59:15 +01:00
asn1_dsa.c
bsearch.c
build.info Do not include sparse_array.o in libssl 2023-09-22 20:42:48 +02:00
c64xpluscpuid.pl
context.c Copyright year updates 2023-09-07 09:59:15 +01:00
core_algorithm.c
core_fetch.c
core_namemap.c Copyright year updates 2023-09-07 09:59:15 +01:00
cpt_err.c
cpuid.c Copyright year updates 2023-09-28 14:23:29 +01:00
cryptlib.c Copyright year updates 2023-09-07 09:59:15 +01:00
ctype.c Copyright year updates 2023-09-07 09:59:15 +01:00
cversion.c
der_writer.c
deterministic_nonce.c Copyright year updates 2023-09-07 09:59:15 +01:00
dllmain.c
ebcdic.c
ex_data.c Fix error handling in CRYPTO_get_ex_new_index 2023-09-21 14:43:08 +02:00
getenv.c
ia64cpuid.S
info.c Copyright year updates 2023-09-07 09:59:15 +01:00
init.c Add atexit configuration option to using atexit() in libcrypto at build-time. 2024-02-01 20:26:42 -05:00
initthread.c crypto/initthread.c: fix misspelled OSSL_provider_init() in comment 2023-10-26 15:45:41 +01:00
loongarch64cpuid.pl LoongArch64 assembly pack: Really implement OPENSSL_rdtsc 2023-12-19 18:34:34 +01:00
loongarch_arch.h Copyright year updates 2023-09-07 09:59:15 +01:00
loongarchcap.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_nyi.c
LPdir_unix.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c Add locking to CRYPTO_secure_used 2023-12-01 09:03:04 -05:00
mem.c Windows: use srand() instead of srandom() 2023-10-13 15:04:42 +02:00
mips_arch.h
o_dir.c
o_fopen.c
o_init.c
o_str.c Fix off by one issue in buf2hexstr_sep() 2024-03-01 10:50:01 +01:00
o_time.c
packet.c Copyright year updates 2023-09-07 09:59:15 +01:00
param_build_set.c ossl_param_build_set_multi_key_bn(): Do not set NULL BIGNUMs 2023-10-18 18:07:13 +02:00
param_build.c params: drop INT_MAX checks 2023-12-29 10:21:10 +01:00
params_dup.c
params_from_text.c Have OSSL_PARAM_allocate_from_text() fail on odd number of hex digits 2024-01-25 16:36:55 +01:00
params_idx.c.in
params.c Check appropriate OSSL_PARAM_get_* functions for NULL 2024-01-09 16:56:55 +01:00
pariscid.pl
passphrase.c
ppccap.c
ppccpuid.pl
provider_child.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_conf.c Fix remaining provider config settings to be decisive in value 2023-12-27 09:32:48 +01:00
provider_core.c After initializing a provider, check if its output dispatch table is NULL 2023-12-04 15:12:34 +01:00
provider_local.h
provider_predefined.c
provider.c Copyright year updates 2023-09-07 09:59:15 +01:00
punycode.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_vlint.c
rcu_internal.h RCU lock implementation 2024-02-01 08:33:25 -05:00
README-sparse_array.md
riscv32cpuid.pl
riscv64cpuid.pl riscv: Add basic vector extension support 2023-10-26 15:55:49 +01:00
riscvcap.c riscv: Add basic vector extension support 2023-10-26 15:55:49 +01:00
s390x_arch.h Copyright year updates 2023-09-07 09:59:15 +01:00
s390xcap.c Copyright year updates 2023-09-07 09:59:15 +01:00
s390xcpuid.pl
self_test_core.c
sleep.c Correct OSSL_sleep for NonStop PUT model by introducing sleep(). 2024-03-23 09:22:31 -04:00
sparccpuid.S
sparcv9cap.c
sparse_array.c
threads_lib.c
threads_none.c RCU lock implementation 2024-02-01 08:33:25 -05:00
threads_pthread.c Fix the grammar as suggsted in the review 2024-02-14 09:36:11 +01:00
threads_win.c RCU lock implementation 2024-02-01 08:33:25 -05:00
time.c Copyright year updates 2023-09-07 09:59:15 +01:00
trace.c "foo * bar" should be "foo *bar" 2023-09-11 10:15:30 +02:00
uid.c Copyright year updates 2023-09-07 09:59:15 +01:00
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl