summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/system.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2022-09-04Remove now unused IMPLEMENT_CFBR macro.jsing1-10/+1
2022-09-04Make ssl_create_cipher_list() have a single exittb1-23/+23
This simplifies memory management and makes it easier to see the leak that were introduced in the previous commit. Sprinkle a few malloc errors for consistency. CID 278396 with/ok jsing
2022-09-04Mechanically expand IMPLEMENT_CFBR macros.jsing1-8/+267
Only change to generated assembly is due to the use of EVPerror().
2022-09-03Remove now unused IMPLEMENT_BLOCK_CIPHER macro.jsing4-19/+4
Also remove various comments noting that it cannot be used for certain block ciphers (which kinda defeats the purpose of having a generic implementation in the first place).
2022-09-03Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing1-21/+486
Only change to generated assembly is due to EVPerror()'s use of line numbers.
2022-09-03Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing1-4/+162
No change in generated assembly.
2022-09-03Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing1-8/+161
Only change to generated assembly is due to EVPerror()'s use of line numbers. CVS ----------------------------------------------------------------------
2022-09-03Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing1-6/+162
No change to generated assembly.
2022-09-03Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing1-5/+163
These macros make the ASN.1 macros seem sane - there are layers and layers and layers here, which are hiding bugs. No change to generated assembly. Discussed with tb@
2022-09-03Rewrap some lines, no functional change.jsing1-4/+6
2022-09-03Tidy up asn1_c2i_primitive() slightly.jsing1-8/+8
Rename some variables and consistently goto error. ok tb@
2022-09-03Avoid recycling ASN1_STRINGs when decoding ASN.1.jsing1-14/+12
Rather than recycling an existing ASN1_STRING and changing its type, free it and allocate a replacement. This simplifies the code and potentially avoids bugs resulting from reuse. ok tb@
2022-09-03Remove duplicate prototype that just snuck in.jsing1-3/+1
2022-09-03Ensure a constructed ASN.1 INTEGER is considered invalid when decoding.jsing1-1/+15
2022-09-03Ensure ASN.1 types are appropriately encoded.jsing3-7/+52
Per X.690, some ASN.1 types must be primitive encoded, some must be constructed and some may be either. Add this data to our types table and check the encoding against this information when decoding. ok tb@
2022-09-03Provide c2i_ASN1_ENUMERATED_cbs() and call it from asn1_c2i_primitive().jsing3-9/+33
This avoids asn1_c2i_primitive() from needing knowledge about the internals of ASN1_INTEGER and ASN1_ENUMERATED. ok tb@
2022-09-03Prepare to provide OPENSSL_cleanup.jsing3-6/+30
OPENSSL_cleanup() cleans up and deallocates memory in use by the library. There are a couple of use cases for this, primarily related to memory leak testing. This will not be called automatically in LibreSSL, which means that OpenSSL's OPENSSL_NO_INIT_ATEXIT is implied. If code wants to clean up then they need to explicitly call this themselves. ok tb@
2022-09-03New test coverage for RC4tb3-227/+453
From Joshua Sing
2022-09-03Stop using CBIGNUM_it internal to libcrypto.jsing3-8/+11
CBIGNUM_it is supposed to be the "clear bignum" or "secure" bignum - that is one which zeros its memory after use and ensures that the constant time flags are set... in LibreSSL we always do both of these things for BIGNUMs, so just use BIGNUM_it instead. ok tb@
2022-09-02Rewrite RMD-160 tests to be table-driven.tb3-130/+203
From Joshua Sing
2022-09-02Retire the old crap. Thanks, Joshuatb4-269/+0
2022-09-02Unhook the old md4 and md5 teststb1-3/+1
2022-09-02Link new md test to regress.tb1-1/+2
2022-09-02New md4/md5 regress teststb2-0/+310
These exercise MD4 and MD5 with the test vectors from RFCs 1320 and 1321. From Joshua Sing <joshua () hypera ! dev>
2022-09-02Add two consttb1-3/+3
2022-09-02Make test tables static const and fix a style nittb1-5/+4
2022-09-02Simplify and clean up the ecdsa test a little. Use stdio instead of BIOtb1-195/+177
for output, use 'err' as a label and avoid some silly repetitions.
2022-09-02Retire old SHA teststb6-609/+0
The old tests were incomplete, some of them had no license and the code quality was questionable. The new tests by Joshua Sing cover what they did (and additionally SHA-224 and SHA-384). Many thanks!
2022-09-02Unhook old SHA teststb1-4/+1
2022-09-02Add tests for 1 million repeated "a"tb1-39/+220
From Joshua Sing
2022-09-01Check sk_SSL_CIPHER_push() return valuetb1-4/+11
CID 24797 ok jsing
2022-09-01Link sha test to regresstb1-1/+2
2022-09-01Add a nicely licensed, table-driven test for SHAtb2-0/+448
This tests covers the NIST vectors for SHA-{1,224,256,384,256} and will soon be able to replace the old SHA tests entirely. From Joshua Sing <joshua () hypera ! dev>
2022-08-31Add an empty line for consistency.tb1-1/+2
2022-08-31Recommit -r1.45 but without error checking EVP_PKEY_copy_parameters()tb1-4/+12
EVP_PKEY_copy_parameters() will unconditionally fail if the pkey's ameth has no copy_params(). Obviously this is indistinguishable from actual failure... ok jsing
2022-08-31Revert r1.46. Causes fireworks in regress.tb1-9/+5
2022-08-31Remove most mentions of contexts on the stack.tb2-23/+4
2022-08-31nasty whitespacetb1-9/+9
2022-08-31Rework DSA_size() and ECDSA_size()tb2-43/+32
DSA_size() and ECDSA_size() have a very special hack. They fudge up an ASN1_INTEGER with a size which is typically > 100 bytes, backed by a buffer of size 4. This was "fine", however, since they set buf[0] = 0xff, where the craziness that was i2c_ASN1_INTEGER() only looks at the first octet (one may then ask why a buffer of size 4 was necessary...). This changed with the rewrite of i2c_ASN1_INTEGER(), which doesn't respect this particular hack and rightly assumes that it is fed an actual ASN1_INTEGER... Instead, create an appropriate signature and use i2d to determine its size. Fixes an out-of-bounds read flagged by ASAN and oss-fuzz. ok jsing
2022-08-31Avoid division by zero if no connection was made.tb1-4/+2
CID 184043
2022-08-31Some missing return checkstb1-3/+5
2022-08-31Avoid some buffer overflows in ecdsatesttb1-2/+15
The ASN.1 encoding of the modified ECDSA signature can grow in size due to padding of the ASN.1 integers. Instead of reusing the same signature buffer freshly allocate it. Avoids some buffer overflows caught by ASAN.
2022-08-31Revert previous. Committed the wrong version of the diff.tb1-14/+4
2022-08-31Avoid some buffer overflows in ecdsatesttb1-4/+14
The ASN.1 encoding of the modified ECDSA signature can grow in size due to padding of the ASN.1 integers. Instead of reusing the same signature buffer freshly allocate it. Avoids some buffer overflows caught by ASAN.
2022-08-31Switch loop bounds from size_t to int in check_hosts()tb1-2/+2
sk_num() can return a negative value, in which case the upper bound is SIZE_MAX, which results in a very long for loop. CID 153997 ok jsing
2022-08-31Check return values in ssl_print_tmp_key()tb1-4/+9
Use EVP_PKEY_get0_EC_KEY() instead of the get1 version to avoid an EVP_PKEY_free(). Check return values: if either EVP_PKEY_get0_EC_KEY() or EC_KEY_get0_group() fail, a NULL dereference occurs. CID 43289 ok jsing
2022-08-31Avoid potential NULL dereference in ssl_set_pkey()tb1-5/+9
Switch from X509_get_pubkey() to X509_get0_pubkey() to avoid an unnecessary EVP_PKEY_free(). Check the return values of X509_get0_pubkey() and EVP_PKEY_copy_parameters(). If the former returns NULL, the latter will dereference NULL. CID 25020 ok jsing
2022-08-30Check HMAC() return value to avoid a later use of uninitializedtb1-3/+7
CID 25421
2022-08-30Remove a commented-out sk_push that has been hanging around for > 20 yearstb1-4/+1
2022-08-30chacha20_poly1305_cleanup() should return 1tb1-2/+2
Otherwise EVP_CIPHER_CTX_cleanup() leaks, as spotted by the ASAN CI. ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-07 18:32:13 +0000