Skip to content
  1. Aug 03, 2016
  2. Aug 02, 2016
  3. Jul 29, 2016
  4. Jul 28, 2016
  5. Jul 26, 2016
  6. Jul 22, 2016
  7. Jul 20, 2016
  8. Jul 19, 2016
  9. Jul 18, 2016
  10. Jul 16, 2016
  11. Jul 15, 2016
  12. Jul 08, 2016
  13. Jul 06, 2016
  14. Jul 05, 2016
  15. Jul 01, 2016
    • Matt Caswell's avatar
      Avoid an overflow in constructing the ServerKeyExchange message · 77857ddc
      Matt Caswell authored
      
      
      We calculate the size required for the ServerKeyExchange message and then
      call BUF_MEM_grow_clean() on the buffer. However we fail to take account of
      2 bytes required for the signature algorithm and 2 bytes for the signature
      length, i.e. we could overflow by 4 bytes. In reality this won't happen
      because the buffer is pre-allocated to a large size that means it should be
      big enough anyway.
      
      Addresses an OCAP Audit issue.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      77857ddc
    • Andy Polyakov's avatar
      SPARC assembly pack: enforce V8+ ABI constraints. · cbffd2d9
      Andy Polyakov authored
      
      
      Even though it's hard to imagine, it turned out that upper half of
      arguments passed to V8+ subroutine can be non-zero.
      
      ["n" pseudo-instructions, such as srln being srl in 32-bit case and
      srlx in 64-bit one, were implemented in binutils 2.10. It's assumed
      that Solaris assembler implemented it around same time, i.e. 2000.]
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      (cherry picked from commit f198cc43)
      cbffd2d9
  16. Jun 30, 2016
  17. Jun 29, 2016
  18. Jun 27, 2016
  19. Jun 26, 2016
  20. Jun 25, 2016
  21. Jun 24, 2016
  22. Jun 23, 2016
  23. Jun 22, 2016
  24. Jun 21, 2016
  25. Jun 20, 2016