mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
d4ea9659d9
openssl/crypto
History
Matt Caswell 8a585601fe Fix out-of-memory condition in conf 
conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.

Credit to OSS-Fuzz for finding this problem.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2894)
2017-03-12 00:19:14 +00:00
..
aes aes/aes_x86core.c: clarify reference implementation status. 2017-03-02 16:26:01 +01:00
aria Implementation of the ARIA cipher as described in RFC 5794. 2017-02-21 11:51:45 +01:00
asn1 Exit the loop on failure 2017-03-09 09:26:13 -05:00
async Further improvements to ASYNC_WAIT_CTX_clear_fd 2017-02-13 15:29:43 +00:00
bf Remove a pointless "#ifndef" from bf_enc.c 2017-02-28 15:17:46 +00:00
bio bio/b_addr.c: omit private hstrerror. 2017-03-02 16:28:54 +01:00
blake2
bn Ensure we don't call memcpy with a NULL pointer 2017-03-03 23:49:24 +00:00
buffer
camellia camellia/asm/cmll-x86_64.pl: add CFI annotations. 2017-02-26 21:26:09 +01:00
cast Code health: With the VAX C-ism gone, OPENSSL_GLOBAL can be removed too 2017-02-28 20:23:07 +01:00
chacha chacha/asm/chacha-x86_64.pl: add CFI annotations. 2017-02-26 21:26:06 +01:00
cmac Don't use deprecated EVP_CIPHER_CTX_cleanup() internally 2017-03-01 11:42:50 +01:00
cms
comp
conf Fix out-of-memory condition in conf 2017-03-12 00:19:14 +00:00
ct Fix faulty free 2017-01-29 15:31:01 +01:00
des des/des_locl.h: clean up unused/irrelevant macros. 2017-03-02 16:16:52 +01:00
dh Better check of DH parameters in TLS data 2017-01-26 10:54:01 +00:00
dsa Style 2017-01-25 09:06:34 +00:00
dso Remove some commented out code in libcrypto 2017-02-28 16:02:11 +00:00
ec Increase the size of the stack buffer to prevent an overflow. 2017-02-24 00:00:32 +01:00
engine
err Clean up references to FIPS 2017-02-28 15:26:25 +01:00
evp evp/e_aes_cbc_hmac_{sha1|sha256}.c: tag reference code. 2017-03-02 16:25:36 +01:00
hmac Remove support for HMAC_TEST_PRIVATE_KEY_FORMAT 2017-02-28 19:46:01 +01:00
idea
include/internal Remove dead code in bn 2017-02-28 14:46:24 +00:00
kdf
lhash Remove some commented out code in libcrypto 2017-02-28 16:02:11 +00:00
md2
md4
md5 {md5,rc4}/asm/*-x86_64.pl: add CFI annotations. 2017-02-13 14:16:01 +01:00
mdc2
modes Don't call memcpy if len is zero. 2017-02-20 19:17:53 -05:00
objects Remove some commented out code in libcrypto 2017-02-28 16:02:11 +00:00
ocsp
pem
perlasm Fix a few typos 2017-02-14 15:48:51 -05:00
pkcs7 Remove dead code in crypto/pkcs7 2017-02-28 12:58:26 +01:00
pkcs12 Fix memory leak in pkcs12 -export 2017-02-21 14:47:18 -05:00
poly1305 poly1305/asm/poly1305-x86_64.pl: minor AVX512 optimization. 2017-02-26 21:27:54 +01:00
rand Clean up references to FIPS 2017-02-28 15:26:25 +01:00
rc2
rc4 {md5,rc4}/asm/*-x86_64.pl: add CFI annotations. 2017-02-13 14:16:01 +01:00
rc5
ripemd
rsa Fix an endless loop in rsa_builtin_keygen. 2017-03-06 09:54:17 -05:00
seed Use _WIN32 over WIN32 for preprocessor conditional 2017-02-16 08:59:47 -05:00
sha Clean up references to FIPS 2017-02-28 15:26:25 +01:00
siphash Add support for parameterized SipHash 2017-02-01 14:14:36 -05:00
srp Prevent OOB in SRP base64 code. 2017-02-21 13:07:13 -05:00
stack
ts
txt_db Fix a few memleaks in TXT_DB. 2017-02-21 14:13:58 -05:00
ui Fix UI_get0_action_string() 2017-03-11 01:25:06 +01:00
whrlpool whrlpool/asm/wp-x86_64.pl: add CFI annotations. 2017-02-26 21:26:24 +01:00
x509 X509 time: tighten validation per RFC 5280 2017-02-24 17:37:08 +01:00
x509v3 Remove some commented out code in libcrypto 2017-02-28 16:02:11 +00:00
alphacpuid.pl
arm64cpuid.pl
arm_arch.h
armcap.c crypto/armcap.c: short-circuit processor capability probe in iOS builds. 2017-02-15 23:16:23 +01:00
armv4cpuid.pl ARMv4 assembly pack: harmonize Thumb-ification of iOS build. 2017-02-15 23:16:01 +01:00
build.info
c64xpluscpuid.pl
cpt_err.c
cryptlib.c Remove some obsolete/obscure internal define switches: 2017-03-01 10:44:49 +01:00
cversion.c
dllmain.c
ebcdic.c
ex_data.c Combined patch against master branch for the following issues: 2017-02-03 20:39:52 +01:00
ia64cpuid.S
init.c
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_dbg.c
mem_sec.c sh_malloc & sh_free prototype change to match POSIX 2017-03-02 19:16:57 -05:00
mem.c Removed ugly size_t less than zero check. 2017-02-21 12:30:23 -05:00
mips_arch.h
o_dir.c Fix typo, missing || 2017-02-22 19:51:04 +01:00
o_fips.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_fopen.c
o_init.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_str.c Add -Wundef to --strict-warnings options. 2017-02-24 09:21:59 +01:00
o_time.c Reset executable bits on files where not needed. 2017-03-03 09:13:40 +01:00
pariscid.pl
ppc_arch.h
ppccap.c
ppccpuid.pl
s390xcap.c
s390xcpuid.S
sparc_arch.h
sparccpuid.S Clean up references to FIPS 2017-02-28 15:26:25 +01:00
sparcv9cap.c
threads_none.c
threads_pthread.c Grouped data declarations [skip ci] 2017-02-03 13:48:44 +01:00
threads_win.c
uid.c
vms_rms.h
x86_64cpuid.pl crypto/x86_64cpuid.pl: move extended feature detection upwards. 2017-03-07 11:17:32 +01:00
x86cpuid.pl Remove OPENSSL_indirect_call() 2017-02-28 20:14:31 -05:00