summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/malloc.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2019-05-13The call to fseek(fp, -1, SEEK_END) also sets the reported size tobluhm1-10/+10
this value. To match the expectation of the test again, move this line before the the code that sets the final position. OK yasuoka@
2019-05-12Fix signed overflow in X509_CRL_print().tb1-1/+4
fixes oss-fuzz #14558 ok beck jsing
2019-05-12Revert the other hunk of r1.36 as well: in the case of CCM, ccm.key istb1-1/+11
assigned from aesni_ccm_init_key() via CRYPTO_ccm128_init(), so it needs to be copied over... Pointed out by Guido Vranken. ok jsing
2019-05-12Stop the eyebleed in here and just use callocbeck1-31/+8
2019-05-11$OpenBSD$tb4-0/+4
2019-05-11Remove commented out rc5 bitstb7-20/+6
2019-05-10Initialize EC_KEY_METHOD before use.bcook1-2/+2
Fixes COV-186146 ok tb, beck
2019-05-10Revert part of r1.36: in the case of GCM, gcm.key is assigned fromtb1-1/+7
aesni_gcm_init_key() via CRYPTO_gcm128_init(), so it needs to be copied over... Fixes cryptofuzz issue #14352 and likely also #14374. ok beck jsing
2019-05-10Inroduce malloc_conceal() and calloc_conceal(). Similar to theirotto2-199/+219
counterparts but return memory in pages marked MAP_CONCEAL and on free() freezero() is actually called.
2019-05-09Add a test vector for Streebog 512 from Guido Vrankentb1-1/+2
2019-05-09Fix incorrect carry operation in 512 bit addition: in the casetb1-6/+8
that there is already a carry and Sigma[i-1] == -1, the carry must be kept. From Dmitry Eremin-Solenik. Fixes incorrect Streebog result reported by Guido Vranken.
2019-05-09Proper prototype for main(). Make sparc64 happier.claudio1-2/+4
2019-05-08In DTLS, use_srtp is part of the extended server hello while in TLSv1.3,tb1-2/+3
it is an encrypted extension. Include it in the server hello for now. This will have to be revisited once TLSv1.3 gets there. Fixes SRTP negotiation. Problem found by two rust-openssl regress failures reported by mikeb. with & ok beck
2019-05-08initialize safestack pointersbcook3-6/+6
ok beck@, tb@
2019-05-08Make sure that the tag buffer size is equal to the tag sizetb1-2/+2
in CRYPTO_ccm128_tag(). Otherwise the caller might end up using the part of the tag buffer that was left uninitialized. Issue found by Guido Vranken. ok inoguchi
2019-05-02Add test fseek(,-1) works properly.yasuoka1-3/+8
2019-04-28Avoid an undefined shift in ASN1_ENUMERATED_get().tb1-4/+9
(same fix as in a_int.c rev 1.34) Fixes oss-fuzz issue #13809 ok beck, jsing
2019-04-28Avoid an undefined shift in ASN1_INTEGER_get().tb1-4/+8
Fixes oss-fuzz issue #13804 ok beck, jsing
2019-04-25Use calloc/freezero when allocating and freeing the session ticket data.jsing1-4/+6
The decrypted session ticket contains key material. ok tb@
2019-04-25Use EVP_CIPHER_CTX_{new,free}() and HMAC_CTX_{new,free}() instead ofjsing1-24/+29
allocating on stack. While here also check the return values from EVP_DecryptInit_ex() and HMAC_Init_ex(). ok tb@
2019-04-25Rename some variables in tls_decrypt_ticket().jsing1-18/+18
Rename mlen to hlen since it is a hmac (and this matches hctx and hmac). Rename ctx to cctx since it is a cipher context and ctx is usually used to mean SSL_CTX in this code. ok tb@
2019-04-24Do not check for working go executable during make clean cleandir obj.bluhm1-1/+3
reminded by jsing@
2019-04-24Do not check for working go executable during make clean cleandir obj.bluhm1-1/+3
2019-04-23Convert tls_decrypt_ticket() to CBS.jsing1-44/+72
This removes various pointer arithmetic and manual length checks. ok tb@
2019-04-22Add error checking to i2v_POLICY_MAPPINGS().tb1-9/+26
ok jsing
2019-04-22Add error checking to i2v_POLICY_CONSTRAINTS().tb1-5/+19
ok jsing
2019-04-22Add error checking to i2v_EXTENDED_KEY_USAGE().tb1-8/+23
ok jsing
2019-04-22Add error checking to i2v_ASN1_BIT_STRING().tb1-4/+18
ok jsing
2019-04-22Add error checking to i2v_BASIC_CONSTRAINTS().tb1-3/+18
ok jsing
2019-04-22Add error checking to i2v_AUTHORITY_INFO_ACCESS(). While there, replacetb1-19/+27
an ugly strlen + malloc + strcat/strcpy dance by a simple asprintf(). ok jsing
2019-04-22Avoid potential double frees in i2v_AUTHORITY_KEYID(), i2v_GENERAL_NAME()tb2-6/+22
and i2v_GENERAL_NAMES() by taking ownership of the extlist only if we were passed NULL. Otherwise it remains the caller's responsibility to free it. To do so, we allocate the extlist explicitly instead of using X509V3_add_value()'s implicit allocation feature. Preserve behavior in i2v_AUTHORITY_KEYID() by adding an explicit check that something was pushed onto the stack. The other i2v_* functions will receive a similar treatment in upcoming commits. ok jsing
2019-04-22Provide a derr label (decode/decrypt error) in tls1_decrypt_ticket().jsing1-41/+29
This handles the ret = 2 case and makes the code more readable. ok tb@
2019-04-22Pass the session ID down to the session/ticket handling code as a CBS.jsing4-35/+36
Convert ssl_get_prev_session(), tls1_process_ticket() and tls1_decrypt_ticket() to handle the session ID from the client hello as a CBS. While here also swap the order of arguments for tls1_decrypt_ticket() so that it is consistent with the other functions. ok tb@
2019-04-22Inline and remove the tlsext_tick_md macro.jsing3-6/+5
There is not much point having a tlsext_tick_md macro that replaces EVP_sha256() in two places, when the cipher is just hardcoded. ok tb@
2019-04-21Add error checking to i2v_AUTHORITY_KEYID(), i2v_GENERAL_NAME()tb2-32/+80
and i2v_GENERAL_NAMES(). This fixes a couple of leaks and other ugliness. tweaks & ok jsing
2019-04-21The noop v2i_PKEY_USAGE_PERIOD() has been commented out since becktb1-14/+2
imported OpenSSL 0.9.4 in 1999. It won't ever be used.
2019-04-21Fix awful whitespace in OBJ_bsearch_ext()tb1-5/+6
2019-04-21KNF: use proper wrapping of function return type and nametb3-9/+9
2019-04-21Clean up tls1_process_ticket().jsing1-39/+43
We only have to find one extension, so do that first then proceed with processing and decryption. This makes the code more readable and drops two levels of indent. ok tb@
2019-04-21Cleanup more of tls_decrypt_ticket().jsing1-5/+9
Separate the malloc() check and EVP_DecryptUpdate() - the malloc() failure is fatal while a EVP_DecryptUpdate() is a decryption failure. Also ensure that we clear the error stack in all cases where we are indicating a failure to decrypt or decode the ticket - otherwise SSL_error() while later return failure when it should not. ok tb@
2019-04-21Start cleaning up tls_decrypt_ticket().jsing1-58/+63
Rather than returning from multiple places and trying to clean up as we go, move to a single exit point and clean/free in one place. Also invert the logic that handles NULL sessions - fail early, rather than having an indented if test for success. ok tb@
2019-04-21fix some style nits to reduce noise in an upcoming difftb1-9/+8
2019-04-20Avoid undefined behaviour that results from negating a signed long withjsing1-2/+2
minimum value. Fixes oss-fuzz #14354. ok beck@ bcook@ tb@
2019-04-19Allocate md_data with calloc to avoid use of uninitialised memory.jsing1-6/+6
Found by Guido Vranken when fuzzing and trying to use GOST with HMAC. Fix confirmed by Guido; ok tb@
2019-04-19Allocate fixed NIDs for SM3/SM4.jsing1-0/+12
2019-04-16Rewrite & fix X509V3_add_value()tb1-17/+24
X509V3_add_value() helpfully allocates a STACK_OF(CONF_VALUE) if it receives a pointer to a NULL pointer. If anything fails along the way, it is however the caller's responsibility to free it. This can easily be fixed by freeing *extlist in the error path and zeroing it to avoid a double free if there happens to be a caller out there that avoids the leak. Polish a few things so the function conforms a bit better to our usual style. tweak & ok jsing
2019-04-16indent err: labelstb1-7/+7
2019-04-16wrap an overlong line and kill a space before a tabtb1-3/+4
2019-04-16Move function types to their own lines; rewrap.tb1-30/+40
2019-04-15Avoid signed integer overflow.jsing1-2/+2
Fixes oss-fuzz issue #13843. ok tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 19:29:29 +0000