- Apr 29, 2016
-
-
Matt Caswell authored
The tls_client_key_exchange_post_work() frees the pms on error. It also calls ssl_generate_master_secret() which also free the pms. If an error occurs after ssl_generate_master_secret() has been called then a double free can occur. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Matt Caswell authored
Commit 91fb42dd fixed a leak but introduced a problem where a parameter is erroneously freed instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Commit 8e588e28 fixed a leak but introduced a new one. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Some digest algorithms can't be disabled, don't pretend they can. Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Apr 28, 2016
-
-
FdaSilvaYY authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1007)
-
FdaSilvaYY authored
with some adaptation to new multi-threading API. Once reference, lock, meth and flag fields are setup, DSA_free/DH_free can be called directly. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/996)
-
FdaSilvaYY authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/996)
-
FdaSilvaYY authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
-
FdaSilvaYY authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
-
Christian Heimes authored
OpenSSL 1.1.0-pre5 has made some additional structs opaque. Python's ssl module requires access to some of the struct members. Three new getters are added: int X509_OBJECT_get_type(X509_OBJECT *a); STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v); X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx); Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Dukhovni authored
Recycling an unused slot. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
The code that implements this control would work when enabling nbio, but the disabling code needed fixing. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
The function dane_ctx_enable() allocated some memory that it did not free in an error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The r2i_certpol() function allocates an ASN1_OBJECT but can fail to free it in an error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The rsa_cms_encrypt() function allocates an ASN1_OCTET_STRING but can then fail to free it in an error condition. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The PKCS7_dataFinal() function allocates a memory buffer but then fails to free it on an error condition. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The PKCS12_key_gen_uni() had one error path which did not free memory correctly. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The i2b_PVK function leaked a number of different memory allocations on error paths (and even some non-error paths). Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The b2i_rsa() function uses a number of temporary local variables which get leaked on an error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
On error we could leak a ACCESS_DESCRIPTION and an ASN1_IA5STRING. Both should be freed in the error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Calls to BN_CTX_get() can fail so we should check that they were successful. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The cms_SignerInfo_content_sign() function allocated an EVP_MD_CTX but then failed to free it on an error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The cms_RecipientInfo_pwri_crypt() allocated an EVP_CIPHER_CTX but then failed to free it in some error paths. By allocating it a bit later that can be avoided. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
In BN_generate_prime_ex() we do some sanity checks first and return with an error if they fail. We should do that *before* allocating any resources to avoid a memory leak. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
In the BN_mpi2bn() function, a failure of a call to BN_bin2bn() could result in the leak of a previously allocated BIGNUM value. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
During construction of a mem BIO we allocate some resources. If this allocation fails we can end up leaking everything we have allocated so far. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
When setting an accepted socket for non-blocking, if the operation fails make sure we close the accepted socket. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
BIO_sock_error() returned 1 when getsockopt() fails when it should return the error code for that failure. Additionally, the optlen parameter to getsockopt() has to point at the size of the area that the optval parameter points at rather than zero. Some systems may forgive it being zero, but others don't. Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Apr 27, 2016
-
-
Dr. Stephen Henson authored
The traditional private key encryption algorithm doesn't function properly if the IV length of the cipher is zero. These ciphers (e.g. ECB mode) are not suitable for private key encryption anyway. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Viktor Dukhovni authored
We must test for new object == current object, not !=. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Dukhovni authored
Coverity reports a potential NULL deref when "2 0 0" DANE trust-anchors from DNS are configured via SSL_dane_tlsa_add() and X509_STORE_CTX_init() is called with a NULL stack of untrusted certificates. Since ssl_verify_cert_chain() always provideds a non-NULL stack of untrusted certs, and no other code path enables DANE, the problem can only happen in applications that use SSL_CTX_set_cert_verify_callback() to implement their own wrappers around X509_verify_cert() passing only the leaf certificate to the latter. Regardless of the "improbability" of the problem, we do need to ensure that build_chain() handles this case correctly. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
The diverse {RSA,DSA,DH}_set0_* functions are made to allow some parameters to be NULL IF the corresponding numbers in the given key structure have already been previously initialised. Specifically, this allows the addition of private components to be added to a key that already has the public half, approximately like this: RSA_get0_key(rsa, NULL, &e, NULL); RSA_get0_factors(rsa, &p, &q); /* calculate new d */ RSA_set0_key(rsa, NULL, NULL, d); Reviewed-by: Matt Caswell <matt@openssl.org>
-
Kazuki Yamaguchi authored
Add X509_STORE_{set,get}_ex_data() function and X509_STORE_get_ex_new_index() macro. X509_STORE has ex_data and the documentation also mentions them but they are not actually implemented. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Ben Laurie authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Ben Laurie authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Ben Laurie authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
A bug meant that SSL_CTRL_SET_MAX_SEND_FRAGMENT was not adjusting split_send_fragment properly. Reviewed-by: Richard Levitte <levitte@openssl.org>
-