openbsd/src/lib/libcrypto/asn1, branch libressl-v2.9.2

openbsd/src/lib/libcrypto/asn1, branch libressl-v2.9.2 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.9.2 2019-04-10T16:23:55+00:00 Avoid an overread caused by d2i_PrivateKey(). 2019-04-10T16:23:55+00:00 jsing 2019-04-10T16:23:55+00:00 urn:sha1:8ab9e3c33c0dd587e42c1c871bbe154fd19af00f There are cases where the old_priv_decode() function can fail but consume bytes. This will result in the pp pointer being advanced, which causes d2i_PKCS8_PRIV_KEY_INFO() to be called with an advanced pointer and incorrect length. Fixes oss-fuzz #13803 and #14142. ok deraadt@ tb@ Revert tasn_prn.c r1.18. 2019-04-07T16:35:50+00:00 jsing 2019-04-07T16:35:50+00:00 urn:sha1:a2af4c7dba7453f0994ce278075358a1d3a0e14f In this code, just because something is cast to a type doesn't mean it is necessarily that type - in this case we cannot check the length of the ASN1_STRING here, since it might be another data type and later handled as an int (for example, in the V_ASN1_BOOLEAN case). We will revisit this post release. ok tb@ Implement a print function for BIGNUM_it. 2019-04-01T15:49:22+00:00 jsing 2019-04-01T15:49:22+00:00 urn:sha1:5cecd6a22c296f340853d47afffabcd24c0c8b33 ok beck@, tb@ Correct the return values from long_print. 2019-04-01T15:48:50+00:00 jsing 2019-04-01T15:48:50+00:00 urn:sha1:01a9fea5da51f3194be3ccfae8edee09154ed07a BIO_print() returns -1 on failure, whereas the ASN print functions need to return 0. ok beck@, tb@ Require all ASN1_PRIMITIVE_FUNCS functions to be provided. 2019-04-01T15:48:04+00:00 jsing 2019-04-01T15:48:04+00:00 urn:sha1:c668655bd37c10676da50f3d90a2cb88438f14c1 If an ASN.1 item provides its own ASN1_PRIMITIVE_FUNCS functions, require all functions to be provided (currently excluding prim_clear). This avoids situations such as having a custom allocator that returns a specific struct but then is then printed using the default primative print functions, which interpret the memory as a different struct. Found by oss-fuzz, fixes issue #13799. ok beck@, tb@ Wrap long lines and apply some style(9). 2019-03-31T14:41:40+00:00 jsing 2019-03-31T14:41:40+00:00 urn:sha1:64bf76574174842316a177094611661f1fd85651 Use named field initialisers. 2019-03-31T14:39:15+00:00 jsing 2019-03-31T14:39:15+00:00 urn:sha1:ca7066ca92ab7567464f37cf40bfc611eac214ff Use limits.h instead of sys/limits.h for portability. 2019-03-26T09:15:07+00:00 jsing 2019-03-26T09:15:07+00:00 urn:sha1:9c473767d3f3f2dfdc038c2b51ddcb358a016077 From phrocker via github. Don't allow asn1_parse2 to recurse arbitrarily deep. Constrain to a max 2019-03-24T16:07:25+00:00 beck 2019-03-24T16:07:25+00:00 urn:sha1:8157056ce15f6a70ad99702f5d20a820a1d6b2f9 depth of 128 - For oss-fuzz issue 13802 ok jsing@ Add range checks to varios ASN1_INTEGER functions to ensure the 2019-03-23T18:48:15+00:00 beck 2019-03-23T18:48:15+00:00 urn:sha1:c7b9ffc836ad7a05586d7c83c368d784af9cacda sizes used remain a positive integer. Should address issue 13799 from oss-fuzz ok tb@ jsing@