openssl/apps
Matt Caswell 9d7ec8090e Don't use an uninitialised variable in srp application
The srp application created an uninitialised DB_ATTR object and then
passed it to the load_index function which attempted to read it. A
DB_ATTR object only contains a single field called "unique_subject".
AFAICT this attribute is unused in the SRP case, and therefore it would be
better to pass a NULL DB_ATTR to load_index (which handles that case
gracefully).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-29 16:47:41 +01:00
..
demoCA Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
demoSRP Missing SRP files. 2011-03-16 11:50:33 +00:00
app_rand.c Add a no-egd option to disable EGD-related code 2016-01-14 13:02:51 -05:00
apps.c various spelling fixes 2016-04-28 14:22:26 -04:00
apps.h Make string_to_hex/hex_to_string public 2016-04-18 09:02:11 -04:00
asn1pars.c Deprecate OBJ_cleanup() and make it a no-op 2016-04-13 08:52:33 +01:00
build.info Fix no-stdio and no-autoalginit 2016-04-14 16:41:03 +01:00
ca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
ca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca.c Deprecate OBJ_cleanup() and make it a no-op 2016-04-13 08:52:33 +01:00
CA.pl.in Copyright consolidation: perl files 2016-04-20 09:45:40 -04:00
cert.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ciphers.c Use minimum and maximum protocol version instead of version fixed methods 2016-03-09 19:38:56 +01:00
client.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
cms.c Make string_to_hex/hex_to_string public 2016-04-18 09:02:11 -04:00
crl.c Check for a NULL return value from a call to X509_STORE_CTX_new() 2016-04-29 16:47:41 +01:00
crl2p7.c argv was set but unused 2016-02-20 14:53:53 +01:00
ct_log_list.cnf Extends s_client to allow a basic CT policy to be enabled 2016-03-04 10:50:10 -05:00
dgst.c Remove unused parameters from internal functions 2016-02-22 13:39:44 -05:00
dh1024.pem Include SKIP DH parameters with OpenSSL. 2000-08-02 09:04:44 +00:00
dh2048.pem Include SKIP DH parameters with OpenSSL. 2000-08-02 09:04:44 +00:00
dh4096.pem Include SKIP DH parameters with OpenSSL. 2000-08-02 09:04:44 +00:00
dhparam.c Make DH opaque 2016-04-09 10:10:55 +01:00
dsa-ca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa-pca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa.c Make DSA_METHOD opaque 2016-04-03 00:23:56 +01:00
dsa512.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsa1024.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsap.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
dsaparam.c Fix mixed declarations and code 2016-04-03 21:49:24 -04:00
ec.c argv was set but unused 2016-02-20 14:53:53 +01:00
ecparam.c argv was set but unused 2016-02-20 14:53:53 +01:00
enc.c Remove some unused argc assignments 2016-04-21 10:51:57 +01:00
engine.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
errstr.c Remove some unused argc assignments 2016-04-21 10:51:57 +01:00
gendsa.c Make DSA_METHOD opaque 2016-04-03 00:23:56 +01:00
genpkey.c GH715: ENGINE_finish can take NULL 2016-02-25 15:19:42 -05:00
genrsa.c Make the RSA structure opaque 2016-04-06 16:19:17 +02:00
nseq.c argv was set but unused 2016-02-20 14:53:53 +01:00
ocsp.c Fix no-sock on Windows 2016-04-20 14:52:46 +01:00
openssl-vms.cnf Remove outdated legacy crypto options 2016-01-27 19:05:50 -05:00
openssl.c Remove the never-functional no-sct 2016-04-26 08:32:10 -04:00
openssl.cnf Use better defaults for TSA. 2015-11-20 13:40:53 +00:00
opt.c Fix no-ocsp on Windows (and probably VMS) 2016-04-21 17:03:02 +01:00
passwd.c Fix passwd seg fault 2016-04-27 09:17:37 +01:00
pca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
pca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pkcs7.c Fix NULL deref in apps/pkcs7 2016-04-25 11:44:24 -04:00
pkcs8.c Add missing return value check in pkcs8 app 2016-04-21 10:51:57 +01:00
pkcs12.c Make many X509_xxx types opaque. 2016-04-15 13:21:43 -04:00
pkey.c argv was set but unused 2016-02-20 14:53:53 +01:00
pkeyparam.c argv was set but unused 2016-02-20 14:53:53 +01:00
pkeyutl.c Add KDF support to pkeyutl. Update documentation. 2016-03-03 16:07:25 +00:00
prime.c Add missing return value checks 2016-04-21 10:51:57 +01:00
privkey.pem PR: 1644 2009-09-06 15:49:46 +00:00
progs.h make update 2016-04-29 09:09:46 +02:00
progs.pl apps/progs.pl: don't make digests disablable by default 2016-04-29 09:08:06 +02:00
rand.c RT4227: Range-check in apps. 2016-01-12 01:00:31 -05:00
rehash.c Make string_to_hex/hex_to_string public 2016-04-18 09:02:11 -04:00
req.c Deprecate OBJ_cleanup() and make it a no-op 2016-04-13 08:52:33 +01:00
req.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
rsa.c Make the RSA structure opaque 2016-04-06 16:19:17 +02:00
rsa8192.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
rsautl.c Remove unused parameters from internal functions 2016-02-22 13:39:44 -05:00
s512-key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s512-req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s_apps.h Remove Netware and OS/2 2016-03-17 17:06:57 -04:00
s_cb.c Remove some dead code 2016-04-21 10:51:57 +01:00
s_client.c Fix missing break in option parsing 2016-04-21 10:51:57 +01:00
s_server.c Fix building with -DCHARSET_EBCDIC 2016-04-29 15:04:15 +01:00
s_socket.c Fix no-sock 2016-03-21 16:33:59 +00:00
s_time.c Fix no-sock 2016-03-21 16:33:59 +00:00
server.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
server.srl Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
server2.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
sess_id.c argv was set but unused 2016-02-20 14:53:53 +01:00
smime.c Remove unused parameters from internal functions 2016-02-22 13:39:44 -05:00
speed.c Rename some lowercase API's 2016-04-18 08:22:00 -04:00
spkac.c argv was set but unused 2016-02-20 14:53:53 +01:00
srp.c Don't use an uninitialised variable in srp application 2016-04-29 16:47:41 +01:00
testCA.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testdsa.h Deprecate RAND_cleanup() and make it a no-op 2016-04-13 08:52:33 +01:00
testrsa.h Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
timeouts.h Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ts.c Remove some unneccessary assignments to argc 2016-04-21 10:51:57 +01:00
tsget.in Make the use of perl more consistent 2016-04-01 07:24:04 +02:00
verify.c Make many X509_xxx types opaque. 2016-04-15 13:21:43 -04:00
version.c Rename some lowercase API's 2016-04-18 08:22:00 -04:00
vms_decc_init.c Force argv to be an array of long pointers on VMS 2016-04-01 16:23:35 +02:00
winrand.c Big apps cleanup (option-parsing, etc) 2015-04-24 15:26:15 -04:00
x509.c Fix some code maintenance issues 2016-04-21 10:51:57 +01:00