openssl/ssl at a3b5684fc1d4f3aabdf68dcf6c577f6dd24d2b2d - openssl - Collaboration & Inovation

mirror/openssl

mirror of https://github.com/openssl/openssl.git synced 2025-03-31 20:10:45 +08:00

History

Peter Wu 6d047e06e6 SSL_get_shared_sigalgs: handle negative idx parameter

When idx is negative (as is the case with do_print_sigalgs in
apps/s_cb.c), AddressSanitizer complains about a buffer overflow (read).
Even if the pointer is not dereferenced, this is undefined behavior.

Change the user not to use "-1" as index since the function is
documented to return 0 on out-of-range values.

Tested with `openssl s_server` and `curl -k https://localhost:4433`.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2349)

2017-02-09 09:48:46 +00:00

..

Fix crash in tls13_enc

2017-02-08 11:41:45 +00:00

Combined patch against master branch for the following issues:

2017-02-03 20:39:52 +01:00

bio_ssl.c

Test the size_t constant time functions

2016-11-04 12:09:46 +00:00

build.info

Move client parsing of ServerHello extensions into new framework

2016-12-08 17:18:25 +00:00

d1_lib.c

Ensure we are in accept state in DTLSv1_listen

2016-11-29 10:01:49 +00:00

d1_msg.c

Convert libssl writing for size_t

2016-11-04 12:09:45 +00:00

d1_srtp.c

Move client parsing of ServerHello extensions into new framework

2016-12-08 17:18:25 +00:00

methods.c

Add the SSL_METHOD for TLSv1.3 and all other base changes required

2016-11-02 13:08:21 +00:00

packet_locl.h

Miscellaneous style tweaks based on feedback received

2017-01-30 10:18:23 +00:00

packet.c

Use for loop in WPACKET_fill_lengths instead of do...while

2017-01-30 10:18:24 +00:00

pqueue.c

Fix a missed size_t variable declaration

2016-11-04 12:09:46 +00:00

s3_cbc.c

Provide some constant time functions for dealing with size_t values

2016-11-04 12:09:46 +00:00

s3_enc.c

fix a memory leak in ssl3_generate_key_block fix the error handling in ssl3_change_cipher_state

2017-01-23 11:41:59 +01:00

s3_lib.c

Add remaining TLS1.3 ciphersuites

2017-02-08 02:16:27 +00:00

s3_msg.c

Fix some missed size_t updates

2016-11-04 12:09:45 +00:00

ssl_asn1.c

Fix <= TLS1.2 break

2017-01-30 10:18:24 +00:00

ssl_cert.c

Convert Sigalgs processing to use ints

2017-01-10 23:02:50 +00:00

ssl_ciph.c

Add NID_auth_any and NID_kx_any NIDs.

2017-02-08 02:16:26 +00:00

ssl_conf.c

Test mac-then-encrypt

2016-11-28 12:23:36 +01:00

ssl_err.c

make errors

2017-02-02 14:45:10 +00:00

ssl_init.c

Indent ssl/

2016-08-18 14:02:29 +02:00

ssl_lib.c

For TLS 1.3 retrieve previously set certificate index

2017-02-02 14:45:10 +00:00

ssl_locl.h

Add SSL_kANY and SSL_aANY

2017-02-08 02:16:26 +00:00

ssl_mcnf.c

Fix misc size_t issues causing Windows warnings in 64 bit

2016-11-04 12:09:46 +00:00

ssl_rsa.c

Indent ssl/

2016-08-18 14:02:29 +02:00

ssl_sess.c

Various style fixes following review feedback

2017-01-30 10:18:25 +00:00

ssl_stat.c

Add missing debug strings.

2016-09-07 16:08:38 -04:00

ssl_txt.c

Move extension data into sub-structs

2017-01-09 22:26:47 -05:00

ssl_utst.c

Remove heartbeat support

2016-11-13 16:24:02 -05:00

t1_enc.c

Add CCM mode support for TLS 1.3

2017-02-08 02:16:27 +00:00

t1_ext.c

Add some missing extensions to SSL_extension_supported()

2016-12-08 17:17:33 +00:00

t1_lib.c

SSL_get_shared_sigalgs: handle negative idx parameter

2017-02-09 09:48:46 +00:00

t1_trce.c

Add support for the psk_key_exchange_modes extension

2017-01-30 10:17:49 +00:00

tls13_enc.c

Add CCM mode support for TLS 1.3

2017-02-08 02:16:27 +00:00

tls_srp.c

Indent ssl/

2016-08-18 14:02:29 +02:00