openssl/crypto/asn1
Dr. Stephen Henson f962541d0b Don't set choice selector on parse failure.
Don't set choice selector on parse failure: this can pass unexpected
values to the choice callback. Instead free up partial structure
directly.

CVE-2016-7053

Thanks to Tyler Nighswander of ForAllSecure for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-10 13:04:11 +00:00
..
a_bitstr.c Avoid calling memcpy with lenght of 0 2016-05-27 21:01:12 +02:00
a_d2i_fp.c Check for overflows in EOC. 2016-06-04 13:54:49 +01:00
a_digest.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_dup.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_gentm.c Constify some inputs buffers 2016-08-23 11:47:22 +02:00
a_i2d_fp.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_int.c Constify ASN1_INTEGER_get, ASN1_ENUMERATED_get 2016-08-04 17:02:48 +02:00
a_mbstr.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_object.c Check for errors in a2d_ASN1_OBJECT() 2016-08-16 00:19:19 +01:00
a_octet.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_print.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_sign.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_strex.c Fix strict-warnings build 2016-10-18 17:09:47 +01:00
a_strnid.c Convert asn1 selftests (a_strnid and ameth_lib) into internal test 2016-11-03 13:13:31 +01:00
a_time.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_type.c Fix embedded string handling. 2016-10-17 14:34:00 +01:00
a_utctm.c Constify some inputs buffers 2016-08-23 11:47:22 +02:00
a_utf8.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
a_verify.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
ameth_lib.c Convert asn1 selftests (a_strnid and ameth_lib) into internal test 2016-11-03 13:13:31 +01:00
asn1_err.c Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
asn1_gen.c Constify ASN1_generate_nconf 2016-06-04 21:30:41 -04:00
asn1_item_list.c Fix config option 'no-deprecated' 2016-10-19 12:11:56 +02:00
asn1_item_list.h Add ASN1_ITEM lookup and enumerate functions. 2016-09-29 16:21:45 +01:00
asn1_lib.c Fix embedded string handling. 2016-10-17 14:34:00 +01:00
asn1_locl.h Fix embedded string handling. 2016-10-17 14:34:00 +01:00
asn1_par.c Whitespace cleanup in crypto 2016-06-29 09:56:39 -04:00
asn_mime.c Ensure the mime_hdr_free function can handle NULLs 2016-08-23 00:19:15 +01:00
asn_moid.c Constify some input buffers in asn1 2016-06-15 13:22:38 -04:00
asn_mstbl.c Constify some input buffers in asn1 2016-06-15 13:22:38 -04:00
asn_pack.c Constify ASN1_item_unpack(). 2016-08-17 12:01:29 +01:00
bio_asn1.c Create BIO_write_ex() which handles size_t arguments 2016-10-28 09:48:54 +01:00
bio_ndef.c Add more zalloc 2016-05-29 01:36:11 +02:00
build.info Add ASN1_ITEM lookup and enumerate functions. 2016-09-29 16:21:45 +01:00
charmap.h Add nameConstraints commonName checking. 2016-07-11 23:30:04 +01:00
charmap.pl Add nameConstraints commonName checking. 2016-07-11 23:30:04 +01:00
d2i_pr.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
d2i_pu.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
evp_asn1.c Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data(). 2016-08-16 16:05:35 +01:00
f_int.c Constify i2a* 2016-08-18 17:20:36 +01:00
f_string.c Constify i2a* 2016-08-18 17:20:36 +01:00
i2d_pr.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
i2d_pu.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
n_pkey.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
nsseq.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
p5_pbe.c Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data(). 2016-08-16 16:05:35 +01:00
p5_pbev2.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
p5_scrypt.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
p8_pkey.c Constify private key decode. 2016-08-17 12:01:29 +01:00
standard_methods.h Convert asn1 selftests (a_strnid and ameth_lib) into internal test 2016-11-03 13:13:31 +01:00
t_bitst.c Constify some input buffers in asn1 2016-06-15 13:22:38 -04:00
t_pkey.c Constify ASN1_buf_print 2016-07-25 08:20:00 -04:00
t_spki.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
tasn_dec.c Don't set choice selector on parse failure. 2016-11-10 13:04:11 +00:00
tasn_enc.c Check for overlows and error return from ASN1_object_size() 2016-08-02 13:40:32 +01:00
tasn_fre.c Fix embedded string handling. 2016-10-17 14:34:00 +01:00
tasn_new.c Rework error handling from asn1_do_lock method. 2016-06-23 14:00:47 +01:00
tasn_prn.c Print <ABSENT> if a STACK is NULL. 2016-09-29 16:21:46 +01:00
tasn_scn.c Add more zalloc 2016-05-29 01:36:11 +02:00
tasn_typ.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
tasn_utl.c Rework error handling from asn1_do_lock method. 2016-06-23 14:00:47 +01:00
tbl_standard.h Convert asn1 selftests (a_strnid and ameth_lib) into internal test 2016-11-03 13:13:31 +01:00
x_algor.c constify X509_ALGOR_get0() 2016-08-17 12:01:29 +01:00
x_bignum.c Fix print of ASN.1 BIGNUM type. 2016-07-18 17:53:05 +01:00
x_info.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
x_long.c Cast to an unsigned type before negating 2016-07-20 19:25:16 +02:00
x_pkey.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x_sig.c Add X509_getm_notBefore, X509_getm_notAfter 2016-08-21 18:25:23 +01:00
x_spki.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
x_val.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00