openssl/ssl
Todd C. Miller 428511ca66 ssl_cipher_process_rulestr: don't read outside rule_str buffer
If rule_str ended in a "-", "l" was incremented one byte past the
end of the buffer.  This resulted in an out-of-bounds read when "l"
is dereferenced at the end of the loop.  It is safest to just return
early in this case since the condition occurs inside a nested loop.

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19166)
2022-10-26 12:46:53 +02:00
quic Fix 32-bit Windows issues related to QUIC Wire functions 2022-10-25 13:25:00 +02:00
record Fix test_tls13_encryption() 2022-10-25 11:42:11 +01:00
statem stack: Do not add error if pop/shift/value accesses outside of the stack 2022-10-21 18:02:35 +02:00
bio_ssl.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
build.info Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
d1_lib.c Fix coverity 1516101 deadcode 2022-10-24 09:51:00 +11:00
d1_msg.c Remove create_empty_fragment from do_dtls1_write() 2022-10-20 14:39:32 +01:00
d1_srtp.c
event_queue.c
methods.c
pqueue.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
priority_queue.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
s3_enc.c Remove enc_write_state 2022-10-12 15:53:31 +01:00
s3_lib.c Remove some redundant code 2022-10-20 14:39:33 +01:00
s3_msg.c Convert the write record layer to supply proper return values 2022-09-23 14:54:49 +01:00
ssl_asn1.c ssl: modify libssl so that it uses OSSL_TIME 2022-09-13 21:13:22 +10:00
ssl_cert_comp.c Add for_comp flag when retrieving certs for compression 2022-10-18 09:30:22 -04:00
ssl_cert_table.h
ssl_cert.c Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
ssl_ciph.c ssl_cipher_process_rulestr: don't read outside rule_str buffer 2022-10-26 12:46:53 +02:00
ssl_conf.c Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
ssl_err_legacy.c
ssl_err.c Consolidate sequence counter incrementing code 2022-10-20 14:39:33 +01:00
ssl_init.c
ssl_lib.c stack: Do not add error if pop/shift/value accesses outside of the stack 2022-10-21 18:02:35 +02:00
ssl_local.h Remove some redundant code 2022-10-20 14:39:33 +01:00
ssl_mcnf.c
ssl_rsa_legacy.c
ssl_rsa.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
ssl_sess.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
ssl_stat.c Add support for compressed certificates (RFC8879) 2022-10-18 09:30:22 -04:00
ssl_txt.c ssl: modify libssl so that it uses OSSL_TIME 2022-09-13 21:13:22 +10:00
ssl_utst.c Remove the old buffer management code 2022-10-20 14:39:33 +01:00
sslerr.h Transfer the functionality from ssl3_read_n to the new record layer 2022-08-18 16:38:12 +01:00
t1_enc.c Remove some TODO(RECLAYER) comments now that DTLS has been moved 2022-10-20 14:39:33 +01:00
t1_lib.c Remove some redundant code 2022-10-20 14:39:33 +01:00
t1_trce.c Fix coverity 1516093 tainted scalar 2022-10-21 10:33:40 +11:00
tls13_enc.c Remove enc_write_state 2022-10-12 15:53:31 +01:00
tls_depr.c
tls_srp.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00