summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1/tasn_enc.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fix a NULL dereference in GENERAL_NAME_cmp()libressl-v3.2.3tb2020-12-081-1/+20
| | | | | | | | | | | | | | Comparing two GENERAL_NAME structures containing an EDIPARTYNAME can lead to a crash. This enables a denial of service attack for an attacker who can control both sides of the comparison. Issue reported to OpenSSL on Nov 9 by David Benjamin. OpenSSL shared the information with us on Dec 1st. Fix from Matt Caswell (OpenSSL) with a few small tweaks. ok jsing this is errata/6.8/008_asn1.patch.sig
* Require all ASN1_PRIMITIVE_FUNCS functions to be provided.jsing2019-04-011-4/+7
| | | | | | | | | | | | If an ASN.1 item provides its own ASN1_PRIMITIVE_FUNCS functions, require all functions to be provided (currently excluding prim_clear). This avoids situations such as having a custom allocator that returns a specific struct but then is then printed using the default primative print functions, which interpret the memory as a different struct. Found by oss-fuzz, fixes issue #13799. ok beck@, tb@
* Expand ASN1_ITEM_rptr and ASN1_ITEM_ptr macros - no change in generatedjsing2016-12-301-6/+6
| | | | assembly.
* internal only negative types should not be handled here.tedu2016-05-041-3/+1
| | | | CVE-2016-2108 from openssl.
* revert the big change from yesterday to prepare for smaller commits.tedu2016-05-041-1/+3
|
* patch from openssl for multiple issues:tedu2016-05-031-3/+1
| | | | | | | missing padding check in aesni functions overflow in evp encode functions use of invalid negative asn.1 types ok beck
* initialize a pointer to NULL rather than 0mmcc2015-12-221-2/+2
|
* Remove IMPLEMENT_COMPAT_ASN1() and related support code. Nothing uses it inmiod2015-02-141-16/+1
| | | | | | libcrypto/libssl, and nothing seems to use it in the wild, apart from embedded copies of OpenSSL. ok jsing@
* Make asn1_ex_i2c() static. ok jsing@miod2015-02-141-2/+4
|
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-111-2/+2
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53deraadt2014-05-291-1/+1
| | | | | | | | | potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu
* More KNF.jsing2014-04-181-74/+85
|
* add braces missed when fixing leaksjsg2014-04-181-1/+2
|
* lob a few more knf grenades in here to soften things up.tedu2014-04-181-103/+65
|
* putting most of the braces in the right column is the very least we can do.tedu2014-04-181-83/+83
|
* fix some more leaks, mostly suggestions from miodjsg2014-04-171-0/+2
| | | | ok miod@
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-5/+5
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* resolve conflicts, fix local changesdjm2010-10-011-5/+6
|
* resolve conflictsdjm2009-01-091-1/+1
|
* resolve conflictsdjm2008-09-061-162/+352
|
* resolve conflictsdjm2006-06-271-3/+6
|
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-0/+497
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-22 04:07:18 +0000