openssl

mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00

History

zekeevans-mf bcb61b39b4 Add deep copy of propq field in mac_dupctx to avoid double free mac_dupctx() should make a copy of the propq field. Currently it does a shallow copy which can result in a double free and crash. The double free occurs when using a provider property string. For example, passing in "fips=no" to SSL_CTX_new_ex() causes the propq field to get set to that value. When mac_dupctx() and mac_freectx() is called (ie: in SSL_write()) it ends up freeing the reference of the original object instead of a copy. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13926)		2021-02-18 12:11:53 +01:00
..
common	err: generated error files	2021-02-17 13:10:49 +10:00
fips	Move the PROV_R reason codes to a public header	2021-02-11 09:34:31 +01:00
implementations	Add deep copy of propq field in mac_dupctx to avoid double free	2021-02-18 12:11:53 +01:00
baseprov.c	PROV: Re-implement all the keypair encoders	2020-11-11 12:43:27 +01:00
build.info
decoders.inc	PROV: Add SM2 encoders and decoders, as well as support functionality	2021-02-01 23:02:20 +01:00
defltprov.c	Avoid races by caching exported ciphers in the init function	2021-02-02 12:21:21 +00:00
encoders.inc	Rename OSSL_ENCODER_CTX_new_by_EVP_PKEY and OSSL_DECODER_CTX_new_by_EVP_PKEY	2021-02-17 15:26:12 +01:00
legacyprov.c
nullprov.c	null prov: fix gettable param array type.	2020-10-16 10:33:38 +10:00
prov_running.c
stores.inc