| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduced in:
commit 79c7f74d6cefd5d32fa20e69195ad3de834ce065
Author: Ben Laurie <ben@links.org>
Date: Tue Mar 29 19:37:57 2016 +0100
Fix buffer overrun in ASN1_parse().
Problem input:
https://tools.ietf.org/html/draft-ietf-curdle-pkix-eddsa-00#section-8.1
-----BEGIN PUBLIC KEY-----
MC0wCAYDK2VkCgECAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
-----END PUBLIC KEY-----
Previously:
0:d=0 hl=2 l= 45 cons: SEQUENCE
2:d=1 hl=2 l= 8 cons: SEQUENCE
4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100
9:d=2 hl=2 l= 1 prim: ENUMERATED :02
Error in encoding
140735164989440:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:148:
Now:
0:d=0 hl=2 l= 45 cons: SEQUENCE
2:d=1 hl=2 l= 8 cons: SEQUENCE
4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100
9:d=2 hl=2 l= 1 prim: ENUMERATED :02
12:d=1 hl=2 l= 33 prim: BIT STRING
0000 - 00 19 bf 44 09 69 84 cd-fe 85 41 ba c1 67 dc 3b ...D.i....A..g.;
0010 - 96 c8 50 86 aa 30 b6 b6-cb 0c 5c 38 ad 70 31 66 ..P..0....\8.p1f
0020 - e1 .
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix buffer overrun in asn1_get_length().
Reproducer: asn1parse-reproduce crash-6bfd417f47bc940f6984f5e639b637fd4e6074bc
Fix length calculations.
Reproducer: asn1parse-reproduce crash-1819d0e54cd2b0430626c59053e6077ef04c2ffb
Reproducer: asn1parse-reproduce crash-9969db8603e644ddc0ba3459b51eac7a2c4b729b
Make i long.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
| |
If asn1parse doesn't like a structure print out the content octets
for diagnostic purposes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
|
| |
Thanks to Guido Vranken <guidovranken@gmail.com> for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
|
|
|
| |
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets ASN1_OBJECT_free and ASN1_STRING_free.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
|
|
| |
Remove {i2d,d2i}_ASN1_BOOLEAN.
Rewrite single occurrence of d2i_ASN1_BOOLEAN in asn1_parse2
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
|
|
|
|
| |
Remove old M_ASN1_ macros and replace any occurences with the corresponding
function.
Remove d2i_ASN1_bytes, d2i_ASN1_SET, i2d_ASN1_SET: no longer used internally.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
| |
Signed-off-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
|
| |
Keep one #if 0 but rename the symbol to be more descriptive of what
it's doing (you can disable support for old broken Netscape software).
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
| |
I also replaced some exit/return wrappers in various
programs (from main) to standardize on return.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
| |
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_wirte error handling in asn1_par.c
|
| |
|
|
|
|
|
|
| |
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith -W -Wunused
-Wno-unused-parameter -Wuninitialized
|
| |
|
|
|
|
|
|
|
|
| |
functions and macros.
This change has associated tags: LEVITTE_before_const and
LEVITTE_after_const. Those will be removed when this change has been
properly reviewed.
|
|
|
|
|
|
|
| |
Use BUF_strlcat() instead of strcat().
Use BIO_snprintf() instead of sprintf().
In some cases, keep better track of buffer lengths.
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
|
| |
|
| |
|
|
|
|
| |
Fix warnings with BIO_dump_indent().
|
|
|
|
|
| |
'openssl asn1parse'. As a side effect, the functions ASN1_parse_dump
and BIO_dump_indent are added.
|
|
|
|
| |
tolerated in certificates.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Submitted by:
Reviewed by:
PR:
|
| |
|
|
|
|
| |
policies extension.
|
| |
|
|
|
|
| |
code and adds support to ASN1_TYPE and asn1parse.
|
| |
|
| |
|
|
|