openbsd/src/lib/libcrypto/objects, branch libressl-v2.3.1

openbsd/src/lib/libcrypto/objects, branch libressl-v2.3.1 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.3.1 2015-10-14T21:54:10+00:00 better fix for overrun reported by Qualys Security. 2015-10-14T21:54:10+00:00 tedu 2015-10-14T21:54:10+00:00 urn:sha1:f0ee1fb72122929fae5a676dee3e14abea854b08 buf is at all times kept nul terminated, so there is no need to enforce this again upon exit. (no need to move buf around after we exahust space.) ok beck miod Bail out early if we have no buf_len 2015-10-14T21:25:16+00:00 beck 2015-10-14T21:25:16+00:00 urn:sha1:dc23b19f3698a79f7984b5bd5d221b732cb21cd2 ok miod@ fix a memory leak reported by Qualys Security. 2015-10-14T21:12:10+00:00 tedu 2015-10-14T21:12:10+00:00 urn:sha1:8cc5fcf519441ae3b3bb76e03ff82de3fd0909e3 move the bndec variable in tighter since it's not used elsewhere in the loop, then always free it after use. ok bcook miod Ensure we don't write a 0 byte past end of the buffer in the error case. 2015-10-14T21:02:08+00:00 beck 2015-10-14T21:02:08+00:00 urn:sha1:57db5484f01ee7355ac6c6ca5d03f2cf66ec2a99 ok bcook@ deraadt@ Coverity ID 78910 - Yet another stupid API designed to not show failures. do the 2015-07-18T21:21:28+00:00 beck 2015-07-18T21:21:28+00:00 urn:sha1:7510bf41ec4cdda3b3749905b51625fff4d6979e lease worst alternative and do nothing rather than dereference NULL, but having a function with fundamentally broken API to simply make a list of strings, sort them, and call a function with each string as an argument is really quite silly.... and of course it was exposed API that the ecosystem uses that we can't delete.. yet. ok miod@ doug@ Remove more IMPLEMENT_STACK_OF noops that have been hiding for the last 2015-02-10T11:22:22+00:00 jsing 2015-02-10T11:22:22+00:00 urn:sha1:f615895acf9eb579a4183eb9a32ea5ab0e2d7cb6 15 years. GOST crypto algorithms (well, most of them), ported from the removed GOST 2014-11-09T19:17:13+00:00 miod 2014-11-09T19:17:13+00:00 urn:sha1:35d7dd4666beda50f5094b8804802132fbe722ef engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed. Check the result of sk_*_push() operations for failure. 2014-10-28T05:46:56+00:00 miod 2014-10-28T05:46:56+00:00 urn:sha1:794dcf073b734d649d7b5d30916d7a3ae919b66e ok doug@ jsing@ Use strdup() instead of malloc() + memcpy(). 2014-10-07T04:59:25+00:00 miod 2014-10-07T04:59:25+00:00 urn:sha1:e6591834545def1231d8d84aae4ba257d5b1d204 ok doug@ jsing@ Fix CVE-2014-3508, pretty printing and OID validation: 2014-08-08T04:53:43+00:00 guenther 2014-08-08T04:53:43+00:00 urn:sha1:39cb4488ec5412e0f592f7fabdb5ab22cded5edc - make sure the output buffer is always NUL terminated if buf_len was initially greater than zero. - reject OIDs that are too long, too short, or not in proper base-127 Based on https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87 ok bcook@