Skip to content
Snippets Groups Projects
  1. Jun 12, 2014
  2. Jun 11, 2014
  3. Jun 10, 2014
  4. Jun 09, 2014
  5. Jun 05, 2014
  6. Jun 03, 2014
  7. Jun 02, 2014
  8. Jun 01, 2014
  9. May 27, 2014
  10. May 26, 2014
  11. May 25, 2014
  12. May 24, 2014
  13. May 23, 2014
    • Tatsuhiro Tsujikawa's avatar
      openssl: Fix uninitialized variable use in NPN callback · c7638d93
      Tatsuhiro Tsujikawa authored
      OpenSSL passes out and outlen variable uninitialized to
      select_next_proto_cb callback function.  If the callback function
      returns SSL_TLSEXT_ERR_OK, the caller assumes the callback filled
      values in out and outlen and processes as such.  Previously, if there
      is no overlap in protocol lists, curl code does not fill any values in
      these variables and returns SSL_TLSEXT_ERR_OK, which means we are
      triggering undefined behavior.  valgrind warns this.
      
      This patch fixes this issue by fallback to HTTP/1.1 if there is no
      overlap.
      c7638d93
  14. May 22, 2014
  15. May 21, 2014
  16. May 20, 2014
  17. May 18, 2014
  18. May 17, 2014
  19. May 16, 2014
  20. May 15, 2014
  21. May 14, 2014
  22. May 12, 2014
  23. May 11, 2014
Loading