path: root/crypto/asn1/tasn_dec.c
Commit message | Author | Age | Files | Lines
* Don't set choice selector on parse failure. | Dr. Stephen Henson | 2016-11-10 | 1 | -7/+7
  Don't set choice selector on parse failure: this can pass unexpected values to the choice callback. Instead free up partial structure directly.
  CVE-2016-7053
  Thanks to Tyler Nighswander of ForAllSecure for reporting this issue.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* spelling fixes, just comments and readme. | klemens | 2016-08-05 | 1 | -1/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/1413)
* Don't indicate errors during initial adb decode. | Dr. Stephen Henson | 2016-07-06 | 1 | -1/+1
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* Change (!seqtt) to (seqtt == NULL) | Richard Levitte | 2016-06-15 | 1 | -3/+3
  Reviewed-by: Stephen Henson <steve@openssl.org>
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Always check that the value returned by asn1_do_adb() is non-NULL | Richard Levitte | 2016-06-15 | 1 | -0/+2
  Reviewed-by: Stephen Henson <steve@openssl.org>
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Check for overflows in EOC. | Dr. Stephen Henson | 2016-06-04 | 1 | -3/+9
  RT#4474 (partial)
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Rename lh_xxx,sk_xxx to OPENSSL_{LH,SK}_xxx | Rich Salz | 2016-05-20 | 1 | -1/+1
  Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK
  Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE
  Make lhash stuff opaque.
  Use typedefs for function pointers; makes the code simpler.
  Remove CHECKED_xxx macros.
  Add documentation; remove old X509-oriented doc.
  Add API-compat names for entire old API
  Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* Copyright consolidation 08/10 | Rich Salz | 2016-05-17 | 1 | -54/+5
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Fix ASN1_INTEGER handling. | Dr. Stephen Henson | 2016-05-03 | 1 | -2/+0
  Only treat an ASN1_ANY type as an integer if it has the V_ASN1_INTEGER tag: V_ASN1_NEG_INTEGER is an internal only value which is never used for on the wire encoding.
  Thanks to David Benjamin <davidben@google.com> for reporting this bug.
  This was found using libFuzzer.
  RT#4364 (part)
  CVE-2016-2108.
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Fix memory leaks in ASN.1 | Emilia Kasper | 2016-04-04 | 1 | -1/+8
  These leaks affect 1.1.0 dev branch only; introduced around commit f93ad22f6adb00e722c130e792799467f3927b56
  Found with LibFuzzer
  Reviewed-by: Ben Laurie <ben@openssl.org>
* GH601: Various spelling fixes. | FdaSilvaYY | 2016-02-05 | 1 | -1/+1
  Signed-off-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Remove /* foo.c */ comments | Rich Salz | 2016-01-26 | 1 | -1/+0
  This was done by the following
      find . -name '*.[ch]' | /tmp/pl
  where /tmp/pl is the following three-line script:
      print unless $. == 1 && m@/\* .*\.[ch] \*/@;
      close ARGV if eof; # Close file to reset $.
  And then some hand-editing of other files.
  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Fix possible memory leak on BUF_MEM_grow_clean failure | FdaSilvaYY | 2016-01-24 | 1 | -8/+6
  Simplify BUF_MEM init. code
  Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  GH: #580
* free item after sk_push fail | mrpre | 2016-01-23 | 1 | -0/+1
  Signed-off-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Continue standardising malloc style for libcrypto | Matt Caswell | 2015-11-09 | 1 | -1/+1
  Continuing from previous commit ensure our style is consistent for malloc return checks.
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Free up ASN.1 structures at top level only. | Dr. Stephen Henson | 2015-10-05 | 1 | -28/+40
  When a decoding error in ASN.1 occurs only free up the partial structure at the top level. This simplifies embedded handling and fixes freeing up of structures when presented with malformed input.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* New ASN.1 embed macro. | Dr. Stephen Henson | 2015-09-16 | 1 | -0/+10
  New ASN.1 macro ASN1_EMBED. This is the same as ASN1_SIMPLE except the structure is not allocated: it is part of the parent. That is instead of
      FOO *x;
  it must be:
      FOO x;
  This reduces memory fragmentation and makes it impossible to accidentally set a mandatory field to NULL.
  This currently only works for SEQUENCE and since it is equivalent to ASN1_SIMPLE it cannot be tagged, OPTIONAL, SET OF or SEQUENCE OF.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* d2i: don't update input pointer on failure | Kurt Roeckx | 2015-09-14 | 1 | -2/+2
  Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
  MR #1005
* Initialize potentially uninitialized local variables | Gunnar Kudrjavets | 2015-05-06 | 1 | -1/+1
  Compiling OpenSSL code with MSVC and /W4 results in a number of warnings. One category of warnings is particularly interesting - C4701 (potentially uninitialized local variable 'name' used). This warning pretty much means that there's a code path which results in uninitialized variables being used or returned. Depending on compiler, its options, OS, values in registers and/or stack, the results can be nondeterministic. Cases like this are very hard to debug so it's rational to fix these issues.
  This patch contains a set of trivial fixes for all the C4701 warnings (just initializing variables to 0 or NULL or appropriate error code) to make sure that deterministic values will be returned from all the execution paths.
  RT#3835
  Signed-off-by: Matt Caswell <matt@openssl.org>
  Matt's note: All of these appear to be bogus warnings, i.e. there isn't actually a code path where an uninitialised variable could be used - it's just that the compiler hasn't been able to figure that out from the logic. So this commit is just about silencing spurious warnings.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* free null cleanup finale | Rich Salz | 2015-05-01 | 1 | -3/+2
  Don't check for NULL before calling OPENSSL_free
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Make asn1_ex_i2c, asn1_ex_c2i static. | Dr. Stephen Henson | 2015-03-28 | 1 | -2/+4
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Move more internal only functions to asn1_locl.h | Dr. Stephen Henson | 2015-03-26 | 1 | -15/+6
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Move internal only ASN.1 functions to asn1_locl.h | Dr. Stephen Henson | 2015-03-25 | 1 | -0/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Remove old style ASN.1 support. | Dr. Stephen Henson | 2015-03-23 | 1 | -64/+2
  Remove old ASN.1 COMPAT type. This was meant as a temporary measure so older ASN.1 code (from OpenSSL 0.9.6) still worked. It's a hack which breaks constification and hopefully nothing uses it now, if it ever did.
  Reviewed-by: Matt Caswell <matt@openssl.org>
* Free up ADB and CHOICE if already initialised. | Dr. Stephen Henson | 2015-03-19 | 1 | -3/+21
  CVE-2015-0287
  Reviewed-by: Tim Hudson <tjh@openssl.org>
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
* clang on Linux x86_64 complains about unreachable code. | Richard Levitte | 2015-01-29 | 1 | -1/+0
  Reviewed-by: Rich Salz <rsalz@openssl.org>
* Run util/openssl-format-source -v -c . | Matt Caswell | 2015-01-22 | 1 | -1233/+1079
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* Fix strange formatting by indent | Matt Caswell | 2015-01-22 | 1 | -9/+18
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* Reject invalid constructed encodings. | Dr. Stephen Henson | 2014-12-17 | 1 | -0/+8
  According to X6.90 null, object identifier, boolean, integer and enumerated types can only have primitive encodings: return an error if any of these are received with a constructed encoding.
  Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Fix warnings. | Ben Laurie | 2010-06-12 | 1 | -2/+1
* Update from stable branch. | Dr. Stephen Henson | 2009-03-25 | 1 | -2/+0
* Update from stable branch. | Dr. Stephen Henson | 2009-03-25 | 1 | -0/+12
* Update from stable branch. | Dr. Stephen Henson | 2009-03-14 | 1 | -9/+21
* Revert the size_t modifications from HEAD that had led to more | Geoff Thorpe | 2008-11-12 | 1 | -3/+2
  knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different branch, before merging back to HEAD.
* Update obsolete email address... | Dr. Stephen Henson | 2008-11-05 | 1 | -1/+1
* size_tification. | Ben Laurie | 2008-11-01 | 1 | -2/+3
* More type-checking. | Ben Laurie | 2008-06-04 | 1 | -4/+6
* Update from 0.9.7-stable. | Dr. Stephen Henson | 2007-01-23 | 1 | -1/+1
* Initial, incomplete support for typesafe macros without using function | Dr. Stephen Henson | 2006-11-16 | 1 | -3/+5
  casts.
* Fix ASN.1 parsing of certain invalid structures that can result | Mark J. Cox | 2006-09-28 | 1 | -0/+1
  in a denial of service. (CVE-2006-2937) [Steve Henson]
* Fix leak | Dr. Stephen Henson | 2006-08-31 | 1 | -0/+3
* Tolerate a SEQUENCE in DN components. | Dr. Stephen Henson | 2006-02-19 | 1 | -1/+1
* p could be uninitialized | Nils Larsch | 2006-02-08 | 1 | -1/+7
* Ignore zero length constructed segments. | Dr. Stephen Henson | 2006-01-31 | 1 | -1/+1
* add additional checks + cleanup | Nils Larsch | 2006-01-29 | 1 | -0/+2
  Submitted by: David Hartman <david_hartman@symantec.com>
* Extend callback function to support print customization. | Dr. Stephen Henson | 2005-09-01 | 1 | -4/+4
* Fix more error codes. | Bodo Möller | 2005-05-11 | 1 | -14/+14
  (Also improve util/ck_errf.pl script, and occasionally fix source code formatting.)
* Typo. | Dr. Stephen Henson | 2005-04-30 | 1 | -1/+1
* Don't attempt to parse nested ASN1 strings by default. | Dr. Stephen Henson | 2005-04-30 | 1 | -2/+7
* Use more efficient way to locate end of an ASN1 structure. | Dr. Stephen Henson | 2005-04-30 | 1 | -4/+59