summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Replace entire printf-like guts with calls to libc snprintf.deraadt2014-04-212-1538/+92
| | | | | funopen(3) is used to interface to BIO descriptors. ok guenther
* Bring malloc/calloc/realloc sequences to modern standardderaadt2014-04-2116-54/+38
| | | | ok guenther
* remove macros wrapping malloc/calloc/free/reallocderaadt2014-04-211-26/+16
|
* Correctly document the return value of getenv(3)guenther2014-04-211-6/+8
| | | | From Ben Cornett (ben (at) lantern.is)
* KNF.jsing2014-04-2116-1096/+912
|
* clean up files we don't needtedu2014-04-2138-2704/+0
|
* fix accidentally deleted deref.beck2014-04-212-2/+2
|
* ASN1_STRING cleanup - realloc has handled NULL since I had a mulletbeck2014-04-202-34/+20
| | | | | | | | | and parachute pants - and since it's obvious there is no guarantee the caller doesn't pass in the data area in the argument, use memmove instead of memcpy so overlapping areas are handled correctly. Also, pointers can be usefully printed in hex with %p, in error messaeges rather than the bizzaro stuff that was there using mystical buffer lengths and abuse of strlcpy-converted-blindly-from-strcpy
* replace a bunch of pointer-arithmatic-strcpy-converted-blindly-to-strlcpybeck2014-04-202-14/+14
| | | | | cruft with an snprintf. "better than what was there" ok guenther@
* Eliminate duplicated logic by switching from malloc+snprintf to asprintfguenther2014-04-202-40/+28
| | | | ok beck@
* Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.guenther2014-04-202-22/+36
| | | | | | | APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@
* Restore beck's (void)snprintf(): they were reviewed.guenther2014-04-206-10/+10
|
* Restore beck's rev 1.8: snprintf() was reviewed.guenther2014-04-202-4/+4
|
* Restore tedu's rev 1.4: snprintf() was reviewed.guenther2014-04-202-2/+2
|
* Restore beck's rev 1.7: snprintf() was reviewed.guenther2014-04-202-4/+8
| | | | Also, use sizeof() for snprintf()'s size argument
* Remove unused/never installed libssl tools and docs and references to themafresh12014-04-2020-1267/+17
| | | | Sure deraadt
* Restore beck's rev 1.21: snprintf() was reviewedguenther2014-04-202-2/+2
|
* theo found a file we don't seem to need, but just in case, i will pastetedu2014-04-202-6/+0
| | | | | | the contents below: #!/usr/local/bin/perl # x86 assember
* Restore beck's rev 1.9: snprintf() was reviewedguenther2014-04-202-2/+2
|
* KNF.jsing2014-04-2010-476/+610
|
* Restore beck's rev 1.3: snprintf() was reviewedguenther2014-04-202-2/+2
|
* More KNF.jsing2014-04-204-6/+6
|
* KNF.jsing2014-04-2012-1428/+1902
|
* KNF.jsing2014-04-2012-940/+1184
|
* KNF.jsing2014-04-208-528/+718
|
* More KNF.jsing2014-04-2026-160/+176
|
* More KNF.jsing2014-04-202-100/+124
|
* gettimeofday() is portable enough and does not need a wrapperderaadt2014-04-202-18/+4
|
* calloc() rather than malloc+memsetderaadt2014-04-202-4/+4
|
* Fix indentation, adding braces and combining a nested if to reduce depthguenther2014-04-202-24/+28
|
* KNF.jsing2014-04-204-362/+438
|
* KNF.jsing2014-04-208-796/+786
|
* Chop off more SSLv2 tentacles and start fixing and noting y2038 issues.guenther2014-04-2017-118/+44
| | | | | | | APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@
* return after error instead of plowing ahead. noticed by mancha1 at zohotedu2014-04-202-0/+2
|
* Use calloc(a,b) instead of malloc(a*b) + memset(a*b). I don't know ifderaadt2014-04-202-4/+2
| | | | | | | | | | | | | | | | | | | | | | this instance is integer-overflowable, but we cannot keep hand-auditing every instance (or apathetically ignoring these issues) when the simple calloc idiom is better in the presence of a good calloc(). It is simply unfeasible to always enter correct range checks before the aggregate size calculation, just go find some 4000 lines of code, REPAIR THEM ALL, then come back and tell me I am wrong. This only works on systems where calloc() does the integer overflow check, but if your system doesn't do this, you need to ask your vendor WHY THEY ARE 10 YEARS BEHIND IN BEST PRACTICE? This is the kind of problem that needs to be solved at the right layer. malloc integer-overflow was implicated in the 2002 OpenSSH hole. OpenSSH and much other code is now written to use calloc(), for instance OpenSSH has 103 calls to it. We feel safer with our use of calloc(). It is a natural approach for us to use calloc(). How safe do you feel on systems which lack that range check in their calloc()? Good writeup from 2006: http://undeadly.org/cgi?action=article&sid=20060330071917
* Undo a calloc() replacement. It lacks the integer overflow check thatderaadt2014-04-201-14/+1
| | | | the system one has.
* KNF.jsing2014-04-2024-2308/+2268
|
* reset imprint to NULL to avoid double free. from mancha1 at zohotedu2014-04-202-0/+2
|
* release buffers fix was lost in merge. put it back.tedu2014-04-192-2/+4
|
* change some rsh references to ssh. poke by jmctedu2014-04-192-9/+9
|
* More KNF.jsing2014-04-194-74/+84
|
* More KNF.jsing2014-04-196-90/+122
|
* another attempt at fixing stale x509 data. since we don't know where thetedu2014-04-192-20/+16
| | | | | initial storage came from, we can't free it. just memset in the sequence case. probably ok beck
* More KNF.jsing2014-04-1914-157/+163
|
* More KNF.jsing2014-04-192-40/+40
|
* tweak previous;jmc2014-04-191-3/+2
|
* zap trailing whitespace;jmc2014-04-191-2/+2
|
* remove the openssl_fdset wrapper, and a variety of VMS'ism's likederaadt2014-04-196-48/+19
| | | | | crazy (void *) casts all over the place ok beck jsing
* KNF.jsing2014-04-1912-1626/+1628
|
* Remove a gethostbyname() cache layer. The internet works better thesederaadt2014-04-191-50/+1
| | | | days. Initially fixed this, but Ted asked for it to die.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-24 01:52:15 +0000