ring/x509 at b0acb7743f6c1e4b8307b5898598be4f13095f49 - ring - alnyan's gitea

yggdrasil/ring

History

David Benjamin d87021d246 Fix length checks in X509_cmp_time to avoid out-of-bounds reads.

Also tighten X509_cmp_time to reject more than three fractional
seconds in the time; and to reject trailing garbage after the offset.

CVE-2015-1789

(Imported from upstream's 9bc3665ac9e3c36f7762acd3691e1115d250b030)

Change-Id: I2091b2d1b691c177d58dc7960e2e7eb4c97b1f69
Reviewed-on: https://boringssl-review.googlesource.com/5124
Reviewed-by: Adam Langley <agl@google.com>

2015-06-16 19:07:15 +00:00

..

a_digest.c

Fix a_{digest,verify}.c error codepaths.

2014-10-06 23:50:31 +00:00

a_sign.c

Add EVP_DigestVerifyInitFromAlgorithm and EVP_DigestSignAlgorithm.

2014-10-09 21:52:52 +00:00

a_strex.c

Remove string.h from base.h.

2015-02-02 19:14:15 +00:00

a_verify.c

Fix various certificate fingerprint issues.

2015-01-09 19:41:59 +00:00

asn1_gen.c

Enable MSVC warning C4701, use of potentially uninitialized variable.

2015-04-13 20:32:26 +00:00

by_dir.c

Remove remaining calls to the old lock functions.

2015-05-20 19:18:13 +00:00

by_file.c

Eliminate unnecessary includes from low-level crypto modules.

2015-04-13 20:49:18 +00:00

charmap.h

Inital import.

2014-06-20 13:17:32 -07:00

CMakeLists.txt

Add malloc test support to unit tests.

2015-05-21 17:59:48 +00:00

i2d_pr.c

Fix cross-module errors.

2015-02-11 23:11:55 +00:00

pkcs7_test.c

Eliminate unnecessary includes from low-level crypto modules.

2015-04-13 20:49:18 +00:00

pkcs7.c

Eliminate unnecessary includes from low-level crypto modules.

2015-04-13 20:49:18 +00:00

t_crl.c

Shush some dead assignments.

2014-11-06 01:34:33 +00:00

t_x509.c

Use inner algorithm when printing certificate.

2015-01-26 18:37:23 +00:00

t_x509a.c

Inital import.

2014-06-20 13:17:32 -07:00

vpm_int.h

Update API to use (char *) for email addresses and hostnames.

2015-02-13 11:00:48 -08:00

x509_att.c

Fix some missing OBJ_dup failure checks.

2015-05-04 23:17:01 +00:00

x509_cmp.c

Remove string.h from base.h.

2015-02-02 19:14:15 +00:00

x509_d2.c

Inital import.

2014-06-20 13:17:32 -07:00

x509_def.c

Inital import.

2014-06-20 13:17:32 -07:00

x509_ext.c

Inital import.

2014-06-20 13:17:32 -07:00

x509_lu.c

Remove remaining calls to the old lock functions.

2015-05-20 19:18:13 +00:00

x509_obj.c

Remove string.h from base.h.

2015-02-02 19:14:15 +00:00

x509_r2x.c

Inital import.

2014-06-20 13:17:32 -07:00

x509_req.c

Check public key is not NULL.

2015-03-06 18:55:32 +00:00

x509_set.c

Omit version for v1 certificates.

2014-11-10 13:45:32 -08:00

x509_trs.c

Fix error handling in X509_PURPOSE_add and X509_TRUST_add.

2014-11-06 01:44:43 +00:00

x509_txt.c

Inital import.

2014-06-20 13:17:32 -07:00

x509_v3.c

Fix some missing OBJ_dup failure checks.

2015-05-04 23:17:01 +00:00

x509_vfy.c

Fix length checks in X509_cmp_time to avoid out-of-bounds reads.

2015-06-16 19:07:15 +00:00

x509_vpm.c

Require that FOO_free functions do nothing on NULL.

2015-05-04 22:58:13 +00:00

x509.c

Inital import.

2014-06-20 13:17:32 -07:00

x509cset.c

Inital import.

2014-06-20 13:17:32 -07:00

x509name.c

Remove string.h from base.h.

2015-02-02 19:14:15 +00:00

x509rset.c

Inital import.

2014-06-20 13:17:32 -07:00

x509spki.c

Remove string.h from base.h.

2015-02-02 19:14:15 +00:00

x509type.c

Inital import.

2014-06-20 13:17:32 -07:00

x_algor.c

Fix various certificate fingerprint issues.

2015-01-09 19:41:59 +00:00

x_all.c

Fix various certificate fingerprint issues.

2015-01-09 19:41:59 +00:00

x_attrib.c

Inital import.

2014-06-20 13:17:32 -07:00

x_crl.c

Remove last references to named locks.

2015-05-20 19:18:30 +00:00

x_exten.c

Inital import.

2014-06-20 13:17:32 -07:00

x_info.c

Convert reference counts in crypto/

2015-05-20 19:15:26 +00:00

x_name.c

Fix memory leak on malloc failure.

2015-02-10 01:23:34 +00:00

x_pkey.c

Convert reference counts in crypto/

2015-05-20 19:15:26 +00:00

x_pubkey.c

Remove remaining calls to the old lock functions.

2015-05-20 19:18:13 +00:00

x_req.c

Remove last references to named locks.

2015-05-20 19:18:30 +00:00

x_sig.c

Inital import.

2014-06-20 13:17:32 -07:00

x_spki.c

Inital import.

2014-06-20 13:17:32 -07:00

x_val.c

Inital import.

2014-06-20 13:17:32 -07:00

x_x509.c

Remove last references to named locks.

2015-05-20 19:18:30 +00:00

x_x509a.c

Inital import.

2014-06-20 13:17:32 -07:00