- Feb 23, 2017
-
-
Todd Short authored
If ret is allocated, it may be leaked on error. Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2666) (cherry picked from commit 4483e234)
-
Bernd Edlinger authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> Reviewed-by:
-
Andy Polyakov authored
pointers, except for minimal std[in|out|err]. (cherry picked from commit 800b299b ) Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2701)
-
Rich Salz authored
Reviewed-by:
-
- Feb 22, 2017
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Rich Salz authored
Prevent that memory beyond the last element is accessed if every element of group->poly[] is non-zero Reviewed-by:
-
Richard Levitte authored
opendir(), readdir() and closedir() have been available on VMS since version 7.0. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
- Feb 21, 2017
-
-
Dmitry Belyavskiy authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Rich Salz authored
Change size comparison from > (GT) to >= (GTE) to ensure an additional byte of output buffer, to prevent OOB reads/writes later in the function Reject input strings larger than 2GB Detect invalid output buffer size and return early Reviewed-by:
-
- Feb 17, 2017
-
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
- Feb 16, 2017
-
-
Bernd Edlinger authored
Fixes #2220 Reviewed-by:
-
- Feb 15, 2017
-
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
Matt Caswell <matt@openssl.org> Reviewed-by:
-
- Feb 14, 2017
-
-
FdaSilvaYY authored
Reviewed-by:
-
Guido Vranken authored
Reviewed-by:
-
Yuchi authored
Reviewed-by:
-
- Feb 13, 2017
-
-
Darren Tucker authored
CLA: trivial Reviewed-by:
-
David Benjamin authored
While it's always safe to read |SSL_MAX_SSL_SESSION_ID_LENGTH| bytes from an |SSL_SESSION|'s |session_id| array, the hash function would do so with without considering if all those bytes had been written to. This change checks |session_id_length| before possibly reading uninitialised memory. Since the result of the hash function was already attacker controlled, and since a lookup of a short session ID will always fail, it doesn't appear that this is anything more than a clean up. In particular, |ssl_get_prev_session| uses a stack-allocated placeholder |SSL_SESSION| as a lookup key, so the |session_id| array may be uninitialised. This was originally found with libFuzzer and MSan in https://boringssl.googlesource.com/boringssl/+/e976e4349d693b4bbb97e1694f45be5a1b22c8c7, then by Robert Swiecki with honggfuzz and MSan here. Thanks to both. (cherry picked from commit bd5d27c1 ) Reviewed-by:
-
- Feb 09, 2017
-
-
Matt Hauck authored
This only manifested itself with FIPS enabled statically linked engines. The OPENSSL_init call ended up invoking RAND_init_fips for a FIPS enabled build, which called CRYPTO_malloc, resulting in disallowing the engine to finish its IMPLEMENT_DYNAMIC_BIND_FN call. (Merged from https://github.com/openssl/openssl/pull/1308)Reviewed-by : Geoff Thorpe <geoff@openssl.org> Reviewed-by:
-
Bernd Edlinger authored
- enable ssl3_init_finished_mac to return an error - don't continue the SSL state machine if that happens in ssl3_connect: - if ssl3_setup_buffer fails also set state to SSL_ST_ERR for consistency Reviewed-by:
-
Bernd Edlinger authored
- add error handling in ssl3_generate_key_block and ssl3_change_cipher_state Fixes #2114 Reviewed-by:
-
- Feb 08, 2017
-
-
Todd Short authored
When session tickets are used, it's possible that SNI might swtich the SSL_CTX on an SSL. Normally, this is not a problem, because the initial_ctx/session_ctx are used for all session ticket/id processes. However, when the SNI callback occurs, it's possible that the callback may update the options in the SSL from the SSL_CTX, and this could cause SSL_OP_NO_TICKET to be set. If this occurs, then two bad things can happen: 1. The session ticket TLSEXT may not be written when the ticket expected flag is set. The state machine transistions to writing the ticket, and the client responds with an error as its not expecting a ticket. 2. When creating the session ticket, if the ticket key cb returns 0 the crypto/hmac contexts are not initialized, and the code crashes when trying to encrypt the session ticket. To fix 1, if the ticket TLSEXT is not written out, clear the expected ticket flag. To fix 2, consider a return of 0 from the ticket key cb a recoverable error, and write a 0 length ticket and continue. The client-side code can explicitly handle this case. Fix these two cases, and add unit test code to validate ticket behavior. Reviewed-by:
-
- Feb 07, 2017
-
-
Rich Salz authored
Thanks to Graeme Perrow for reporting and providing a possible fix. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Bernd Edlinger authored
calling OPENSSL_cleanse() Reviewed-by:
-
Bernd Edlinger authored
or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed. - if that happens set cipher = NULL. Reviewed-by:
-
- Feb 06, 2017
-
-
Bernd Edlinger authored
Fixed a memory leak in ASN1_digest and ASN1_item_digest. asn1_template_noexp_d2i call ASN1_item_ex_free(&skfield,...) on error. Reworked error handling in asn1_item_ex_combine_new: - call ASN1_item_ex_free and return the correct error code if ASN1_template_new failed. - dont call ASN1_item_ex_free if ASN1_OP_NEW_PRE failed. Reworked error handing in x509_name_ex_d2i and x509_name_encode. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in def_get_class if lh_EX_CLASS_ITEM_insert fails due to OOM: - to figure out if the insertion succeeded, use lh_EX_CLASS_ITEM_retrieve again. - on error, p will be NULL, and gen needs to be cleaned up again. int_free_ex_data needs to have a fallback solution if unable to allocate "storage": - if free_func is non-zero this must be called to clean up all memory. Fixed error handling in pkey_hmac_copy. Fixed error handling in ssleay_rand_add and ssleay_rand_bytes. Fixed error handling in X509_STORE_new. Fixed a memory leak in ssl3_get_key_exchange. Check for null pointer in ssl3_write_bytes. Check for null pointer in ssl3_get_cert_verify. Fixed a memory leak in ssl_cert_dup. Fixes #2087 #2094 #2103 #2104 #2105 #2106 #2107 #2108 #2110 #2111 #2112 #2115 Reviewed-by:
-
- Feb 05, 2017
-
-
Bernd Edlinger authored
Reviewed-by:
-
- Jan 31, 2017
-
-
Richard Levitte authored
If someone tries this: MAKE='make -j8' ./config then Configure ends up doing this: make -j8 links depend gentests Doing those three in parallell leads to a race condition that may very well cause issue such as tests not being run (because they all get linked to a dummy that does nothing instead of the real test). To mitigate this, execute the three targets in one make call each. Reviewed-by:Emilia Käsper <emilia@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2332)
-
- Jan 27, 2017
-
-
Richard Levitte authored
The ! command doesn't exist on all Unix family operating systems, so don't use it. Reviewed-by:
-
- Jan 26, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by:
-
