Commit graph

573 commits

Author SHA1 Message Date
Emilia Kasper
b9a73f5481 Fix OID handling:
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-06 22:02:00 +01:00
Dr. Stephen Henson
00e86a74bd ASN1 sanity check.
Primitive encodings shouldn't use indefinite length constructed
form.

PR#2438 (partial).
(cherry picked from commit 398e99fe5e)
2014-07-02 01:01:55 +01:00
Dr. Stephen Henson
9fb10cfe6b Memory leak and NULL dereference fixes.
PR#3403
(cherry picked from commit d2aea03829)

Conflicts:

	apps/crl2p7.c
	crypto/asn1/a_utctm.c
	crypto/asn1/ameth_lib.c
	crypto/asn1/bio_asn1.c
2014-06-27 15:33:18 +01:00
Dr. Stephen Henson
61e6e80fe5 Set default global mask to UTF8 only.
(cherry picked from commit 3009244da4)
2014-06-01 15:04:49 +01:00
Dr. Stephen Henson
1cbd7456aa Print out DSA key if parameters absent.
In DSA_print DSA parameters can be absent (e.g inherited) it is
not a fatal error.
2013-04-07 22:50:55 +01:00
Dr. Stephen Henson
1643edc63c Encode INTEGER correctly.
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
2013-03-18 14:19:40 +00:00
Dr. Stephen Henson
66e8211c0b Don't try and verify signatures if key is NULL (CVE-2013-0166)
Add additional check to catch this in ASN1_item_verify too.
2013-02-05 16:50:31 +00:00
Bodo Möller
f7d2402cab Fix Valgrind warning.
Submitted by: Adam Langley
2012-09-24 19:50:07 +00:00
Dr. Stephen Henson
4baee3031c PR: 2813
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
2012-05-11 13:49:15 +00:00
Dr. Stephen Henson
556e27b14f Check for potentially exploitable overflows in asn1_d2i_read_bio
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 11:36:09 +00:00
Dr. Stephen Henson
215276243d corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 15:25:53 +00:00
Dr. Stephen Henson
f0be325f88 Fix memory leak cause by race condition when creating public keys.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:36 +00:00
Dr. Stephen Henson
b66af23aa9 free headers after use in error message 2012-02-27 16:26:32 +00:00
Dr. Stephen Henson
8a4e81a269 PR: 2711
Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.
2012-02-23 21:50:13 +00:00
Bodo Möller
1c7c69a8a5 Fix memory leak on bad inputs. 2011-09-05 09:56:48 +00:00
Dr. Stephen Henson
82a5049f6a PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:08 +00:00
Dr. Stephen Henson
102bcbce8d correctly encode OIDs near 2^32 2011-06-22 15:15:20 +00:00
Dr. Stephen Henson
a3dc628d86 PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:21:00 +00:00
Dr. Stephen Henson
9ad765173f Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
2011-01-03 01:26:33 +00:00
Dr. Stephen Henson
6cb5746b65 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:55:57 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
5e8e7054f7 The OID sanity check was incorrect. It should only disallow *leading* 0x80
values.
2010-03-07 16:40:31 +00:00
Dr. Stephen Henson
b61a87b26c check new_der for NULL too 2009-11-10 00:46:57 +00:00
Dr. Stephen Henson
2c6b141931 PR: 2090
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
2009-11-10 00:40:42 +00:00
Dr. Stephen Henson
381a9f04a0 Fix unitialized warnings 2009-10-04 16:53:18 +00:00
Dr. Stephen Henson
6d73e9d8e8 PR: 2056
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:12:49 +00:00
Dr. Stephen Henson
17b08b6a64 PR: 1644
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 0.9.8, we just change the macro to avoid making incompatible changes to
the API.
2009-09-06 15:46:46 +00:00
Dr. Stephen Henson
3af16cf694 Backport GeneralizedTime fractional seconds support from HEAD. 2009-08-10 15:15:27 +00:00
Dr. Stephen Henson
059230b320 Reject leading 0x80 in OID subidentifiers. 2009-08-06 16:22:57 +00:00
Dr. Stephen Henson
c60dca1f95 PR: 1868
Submitted by: Paolo Ganci <Paolo.Ganci@AdNovum.CH>
Approved by: steve@openssl.org

Don't set fields to NULL when freeing them up in ASN1 code. On some platforms
with sizeof(long) < sizeof(char *) this can cause a crash.
2009-03-25 10:42:34 +00:00
Dr. Stephen Henson
f021b7cca6 Reject BMPStrings and UniversalStrings of invalid length. This prevents
a crash in ASN1_STRING_print_ex() which assumes they are valid.
2009-03-25 10:35:57 +00:00
Dr. Stephen Henson
044855e146 Permit nested ASN1 string encoding but with a maximum depth to avoid
stack overflow.
2009-03-14 18:33:25 +00:00
Dr. Stephen Henson
ee4041b8bd PR: 1841
Submitted by: Martin Kaiser <lists@kaiser.cx>
Reviewed by: steve@openssl.org

Remove unused code.
2009-03-08 23:05:34 +00:00
Dr. Stephen Henson
72f6453c48 PR: 1835
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.
2009-02-14 21:50:14 +00:00
Dr. Stephen Henson
73cb37295d Update from HEAD. 2009-01-28 12:55:36 +00:00
Dr. Stephen Henson
1f35508ae6 Support NumericString for name components. 2009-01-28 12:35:10 +00:00
Dr. Stephen Henson
3795297af8 Change old obsolete email address... 2008-11-05 18:36:57 +00:00
Dr. Stephen Henson
33fd33d423 Fix from HEAD. 2008-11-05 18:29:49 +00:00
Dr. Stephen Henson
c0e9f540e0 Check for errors in ASN1 sign and verify routines. 2008-09-25 16:38:07 +00:00
Dr. Stephen Henson
e852835da6 Make update: delete duplicate error code. 2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
d83dde6180 Merge changes to build system from fips branch. 2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
405f382144 Fix from HEAD. 2008-08-05 15:56:11 +00:00
Bodo Möller
0ff3766b0e Make sure not to read beyond end of buffer 2008-07-16 18:10:28 +00:00
Dr. Stephen Henson
aa9c7e4b8c Oops... PEM_write_bio_ASN1_stream() shouldn't be in 0.9.8 CMS backport. 2008-05-20 12:10:28 +00:00
Ben Laurie
56bef2df4f Fix warning. 2008-05-20 03:05:50 +00:00
Dr. Stephen Henson
8e42429c9d Update default CFLAGS and dependencies. 2008-04-03 23:18:27 +00:00
Dr. Stephen Henson
94b2c29f9d Backport of CMS code to 0.9.8-stable branch. Disabled by default. 2008-04-03 23:03:56 +00:00
Dr. Stephen Henson
090f931a35 Add -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
build work.
2008-04-02 14:51:09 +00:00
Dr. Stephen Henson
9e7459fc5d Backport some useful ASN1 utility functions from HEAD. 2008-04-02 11:11:51 +00:00
Dr. Stephen Henson
30aa23fea2 Update from HEAD. 2008-03-31 14:59:13 +00:00