wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11194 commits 20 branches 302 tags 153 MiB
Commit graph

21 commits

Author SHA1 Message Date
Matt Caswell
e94118ae2a Replace memset with OPENSSL_cleanse() 
BUF_MEM_free() attempts to cleanse memory using memset immediately prior
to a free. This is at risk of being optimised away by the compiler, so
replace with a call to OPENSSL_cleanse() instead.

With thanks to the Open Crypto Audit Project for reporting this issue.

Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-06-10 10:29:31 +01:00
Matt Caswell
10621efd32 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:38:39 +00:00
Ben Laurie
b93916149d Constification. 2013-10-01 14:53:18 +01:00
Dr. Stephen Henson
82f42a1d2e Typo. 
(cherry picked from commit 415ece7301)
 2013-09-30 14:20:42 +01:00
Dr. Stephen Henson
2f2d33f470 correct error code 2012-04-22 13:31:26 +00:00
Dr. Stephen Henson
8d5505d099 Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 12:13:59 +00:00
Dr. Stephen Henson
e650f9988b move some string utilities to buf_str.c to reduce some dependencies (from 0.9.8 branch). 2011-01-09 13:30:34 +00:00
Andy Polyakov
debf380122 size_t-fy crypto/buffer. 2007-10-09 15:52:07 +00:00
Dr. Stephen Henson
9befdf1d20 New utility function to reverse a buffer, either by copying or in-place. 2006-04-10 00:11:30 +00:00
Bodo Möller
aa4ce7315f Fix various incorrect error function codes. 
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
 2005-04-26 18:53:22 +00:00
Richard Levitte
1ae0a83bdd Add BUF_strndup() and BUF_memdup(). Not currently used, but I've code 
that uses them that I'll commit in a few days.
 2003-04-29 22:08:57 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Bodo Möller
b693f941fd Consistency fix in BUF_MEM_grow: Initialise to zero when new memory 
had to be allocated, not just when reusing the existing buffer.
 2001-10-26 13:12:25 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names 
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
 2000-06-01 22:19:21 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>. 
Submitted by:
Reviewed by:
PR:
 1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Ben Laurie
e03ddfae7e Accept NULL in *_free. 1999-01-07 19:15:59 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00