openssl/crypto/ct
Benjamin Kaduk 62b0a0dea6 Fix memory leaks in CTLOG_new_from_base64
Move the call to ct_base64_decode(), which allocates, until after
the check for NULL output parameter.

Also place a cap on the number of padding characters used to decrement
the output length -- any more than two '='s is not permitted in a
well-formed base64 text.  Prior to this change, ct_base64_decode() would
return a length of -1 along with allocated storage for an input of
"====".

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3379)
2017-06-09 13:32:29 -04:00
..
build.info CT policy validation 2016-03-01 20:03:25 +00:00
ct_b64.c Fix memory leaks in CTLOG_new_from_base64 2017-06-09 13:32:29 -04:00
ct_err.c make error tables const and separate header file 2017-06-07 15:12:03 -04:00
ct_locl.h Reword documentation for {SCT_CTX/CT_POLICY_EVAL_CTX}_set_time 2016-11-15 16:12:41 -05:00
ct_log.c Prevent double-free of CTLOG public key 2016-08-23 20:17:14 +01:00
ct_oct.c Fix faulty free 2017-01-29 15:31:01 +01:00
ct_policy.c Convert C++ comments to C-style comments 2016-11-15 16:12:41 -05:00
ct_prn.c Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data(). 2016-08-16 16:05:35 +01:00
ct_sct_ctx.c Check that SCT timestamps are not in the future 2016-11-15 16:12:41 -05:00
ct_sct.c Move SCT_LIST_free definition into a more logical place 2016-11-16 13:54:17 +00:00
ct_vfy.c Check that SCT timestamps are not in the future 2016-11-15 16:12:41 -05:00
ct_x509v3.c Newlines! 2017-05-22 08:03:22 -04:00