#
7b8cc9b3 |
| 04-Apr-2016 |
Matt Caswell |
Deprecate OBJ_cleanup() and make it a no-op OBJ_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@ope
Deprecate OBJ_cleanup() and make it a no-op OBJ_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
22c84afa |
| 04-Apr-2016 |
Matt Caswell |
Deprecate EVP_cleanup() and make it a no-op EVP_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@ope
Deprecate EVP_cleanup() and make it a no-op EVP_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre4, OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12, OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2 |
|
#
34980760 |
| 18-Dec-2015 |
Rich Salz |
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
#
63c75cd6 |
| 24-Dec-2015 |
Dr. Stephen Henson |
Add lh_doall inlining Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
62d0577e |
| 24-Dec-2015 |
Dr. Stephen Henson |
Add lh_new() inlining Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
e6b5c341 |
| 11-Jan-2016 |
Dr. Stephen Henson |
Inline LHASH_OF Make LHASH_OF use static inline functions. Add new lh_get_down_load and lh_set_down_load functions and their typesafe inline equivalents. Make lh_error
Inline LHASH_OF Make LHASH_OF use static inline functions. Add new lh_get_down_load and lh_set_down_load functions and their typesafe inline equivalents. Make lh_error a function instead of a macro. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
7644a9ae |
| 16-Dec-2015 |
Rich Salz |
Rename some BUF_xxx to OPENSSL_xxx Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old nam
Rename some BUF_xxx to OPENSSL_xxx Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen} Add #define's for the old names. Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros. Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e, OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b |
|
#
0fb99904 |
| 08-Jun-2015 |
Dr. Stephen Henson |
return correct NID for undefined object Reviewed-by: Tim Hudson <tjh@openssl.org>
|
#
b39fc560 |
| 14-May-2015 |
Richard Levitte |
Identify and move common internal libcrypto header files There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and ada
Identify and move common internal libcrypto header files There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
2b8dc08b |
| 11-May-2015 |
Hanno Böck |
Call of memcmp with null pointers in obj_cmp() The function obj_cmp() (file crypto/objects/obj_dat.c) can in some situations call memcmp() with a null pointer and a zero length.
Call of memcmp with null pointers in obj_cmp() The function obj_cmp() (file crypto/objects/obj_dat.c) can in some situations call memcmp() with a null pointer and a zero length. This is invalid behaviour. When compiling openssl with undefined behaviour sanitizer (add -fsanitize=undefined to compile flags) this can be seen. One example that triggers this behaviour is the pkcs7 command (but there are others, e.g. I've seen it with the timestamp function): apps/openssl pkcs7 -in test/testp7.pem What happens is that obj_cmp takes objects of the type ASN1_OBJECT and passes their ->data pointer to memcmp. Zero-sized ASN1_OBJECT structures can have a null pointer as data. RT#3816 Signed-off-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
#
56d88027 |
| 12-May-2015 |
Gunnar Kudrjavets |
Fix the heap corruption in libeay32!OBJ_add_object. Original 'sizeof(ADDED_OBJ)' was replaced with 'sizeof(*ao)'. However, they return different sizes. Therefore as the result heap gets
Fix the heap corruption in libeay32!OBJ_add_object. Original 'sizeof(ADDED_OBJ)' was replaced with 'sizeof(*ao)'. However, they return different sizes. Therefore as the result heap gets corrupted and at some point later debug version of malloc() detects the corruption. On x86 we can observe that as follows: sizeof(*ao) == 4 sizeof(*ao[0]) == sizeof(ADDED_OBJ) == 8 Issue reproduces with either enabling CRT debug heap or Application Verifier's full-page heap. Basic debugging data from the moment the corruption is first detected: 0:000:x86> | . 0 id: 283c create name: openssl.exe 0:000:x86> kcn # 00 MSVCR120D!_heap_alloc_dbg_impl 01 MSVCR120D!_nh_malloc_dbg_impl 02 MSVCR120D!_nh_malloc_dbg 03 MSVCR120D!malloc 04 LIBEAY32!default_malloc_ex 05 LIBEAY32!CRYPTO_malloc 06 LIBEAY32!lh_insert 07 LIBEAY32!OBJ_add_object 08 LIBEAY32!OBJ_create 09 openssl!add_oid_section 0a openssl!req_main 0b openssl!do_cmd 0c openssl!main 0d openssl!__tmainCRTStartup 0e openssl!mainCRTStartup 0f KERNEL32!BaseThreadInitThunk 10 ntdll_77d60000!__RtlUserThreadStart 11 ntdll_77d60000!_RtlUserThreadStart Signed-off-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL-fips-2_0_10 |
|
#
75ebbd9a |
| 06-May-2015 |
Rich Salz |
Use p==NULL not !p (in if statements, mainly) Reviewed-by: Tim Hudson <tjh@openssl.org>
|
#
b4faea50 |
| 02-May-2015 |
Rich Salz |
Use safer sizeof variant in malloc For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p change
Use safer sizeof variant in malloc For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
b548a1f1 |
| 01-May-2015 |
Rich Salz |
free null cleanup finale Don't check for NULL before calling OPENSSL_free Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
23a1d5e9 |
| 01-May-2015 |
Rich Salz |
free NULL cleanup 7 This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free
free NULL cleanup 7 This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
b196e7d9 |
| 28-Apr-2015 |
Rich Salz |
remove malloc casts Following ANSI C rules, remove the casts from calls to OPENSSL_malloc and OPENSSL_realloc. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_0_9_8zf, OpenSSL_1_0_0r, OpenSSL_1_0_1m, OpenSSL_1_0_2a |
|
#
2e430277 |
| 15-Mar-2015 |
Dr. Stephen Henson |
make ASN1_OBJECT opaque Reviewed-by: Matt Caswell <matt@openssl.org>
|
#
a00ae6c4 |
| 27-Jan-2015 |
Rich Salz |
OPENSSL_NO_xxx cleanup: many removals The following compile options (#ifdef's) are removed: OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY OPENSSL_NO_EVP OPENSSL_NO
OPENSSL_NO_xxx cleanup: many removals The following compile options (#ifdef's) are removed: OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY This diff is big because of updating the indents on preprocessor lines. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
68b00c23 |
| 23-Jan-2015 |
Rich Salz |
ifdef cleanup part 3: OPENSSL_SYSNAME Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx Remove MS_STATIC; it's a relic from platforms <32 bits. Reviewed-by: Andy Polyakov <appro@ope
ifdef cleanup part 3: OPENSSL_SYSNAME Rename OPENSSL_SYSNAME_xxx to OPENSSL_SYS_xxx Remove MS_STATIC; it's a relic from platforms <32 bits. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_2, master-post-auto-reformat |
|
#
0f113f3e |
| 22-Jan-2015 |
Matt Caswell |
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
|
Revision tags: OpenSSL_1_0_2-post-auto-reformat, OpenSSL_0_9_8-post-auto-reformat, OpenSSL_0_9_8-pre-auto-reformat, OpenSSL_1_0_0-post-auto-reformat, OpenSSL_1_0_0-pre-auto-reformat, OpenSSL_1_0_1-post-auto-reformat, OpenSSL_1_0_1-pre-auto-reformat, master-post-reformat, OpenSSL_0_9_8-pre-reformat, OpenSSL_0_9_8ze, OpenSSL_1_0_0-pre-reformat, OpenSSL_1_0_0q, OpenSSL_1_0_1-pre-reformat, OpenSSL_1_0_1l, master-pre-reformat, OpenSSL_1_0_2-pre-reformat, OpenSSL_0_9_8zd, OpenSSL_1_0_0p, OpenSSL_1_0_1k, OpenSSL_0_9_8-post-reformat, OpenSSL-fips-2_0_9, OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3, OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2, OpenSSL-fips-2_0_8 |
|
#
0042fb5f |
| 02-Jul-2014 |
Emilia Kasper |
Fix OID handling: - Upon parsing, reject OIDs with invalid base-128 encoding. - Always NUL-terminate the destination buffer in OBJ_obj2txt printing function. CVE-2014-3508
Fix OID handling: - Upon parsing, reject OIDs with invalid base-128 encoding. - Always NUL-terminate the destination buffer in OBJ_obj2txt printing function. CVE-2014-3508 Reviewed-by: Dr. Stephen Henson <steve@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
#
d11c70b2 |
| 08-Jul-2014 |
Andy Polyakov |
Please Clang's sanitizer, addendum.
|
Revision tags: OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za, OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4 |
|
#
478b50cf |
| 12-Jun-2013 |
Veres Lajos |
misspellings fixes by https://github.com/vlajos/misspell_fixer
|
Revision tags: OpenSSL-fips-2_0_3, OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d, OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e, OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m, OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5, OpenSSL_1_0_0-beta4 |
|
#
709a395d |
| 10-Nov-2009 |
Dr. Stephen Henson |
PR: 2091 Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson Approved by: steve@openssl.org If an OID has no short name or long name return the numerical representation.
|
Revision tags: OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3, OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j |
|
#
6343829a |
| 12-Nov-2008 |
Geoff Thorpe |
Revert the size_t modifications from HEAD that had led to more knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different bran
Revert the size_t modifications from HEAD that had led to more knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different branch, before merging back to HEAD.
show more ...
|