wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/bn
History
Matt Caswell 9759ff0cd9 Fix off-by-one error in BN_bn2hex 
A BIGNUM can have the value of -0. The function BN_bn2hex fails to account
for this and can allocate a buffer one byte too short in the event of -0
being used, leading to a one byte buffer overrun. All usage within the
OpenSSL library is considered safe. Any security risk is considered
negligible.

With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and
Filip Palian for discovering and reporting this issue.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit c56353071d)

Conflicts:
	crypto/bn/bn_print.c
2015-06-04 09:33:01 +01:00
..
asm Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
.cvsignore Unobtrusive backport of 32-bit x86 Montgomery improvements from 0.9.9-dev: 2008-05-01 23:11:34 +00:00
bn.h Fix off-by-one in BN_rand 2015-05-22 23:48:52 +01:00
bn.mul Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
bn_add.c Re-align some comments after running the reformat script. 2015-01-22 09:53:07 +00:00
bn_asm.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_blind.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_const.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_ctx.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_depr.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_div.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_err.c Fix off-by-one in BN_rand 2015-05-22 23:48:52 +01:00
bn_exp.c Re-align some comments after running the reformat script. 2015-01-22 09:53:07 +00:00
bn_exp2.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_gcd.c Re-align some comments after running the reformat script. 2015-01-22 09:53:07 +00:00
bn_gf2m.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_kron.c Re-align some comments after running the reformat script. 2015-01-22 09:53:07 +00:00
bn_lcl.h Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_mod.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_mont.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_mpi.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_mul.c Re-align some comments after running the reformat script. 2015-01-22 09:53:07 +00:00
bn_nist.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_opt.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_prime.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_prime.h Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_prime.pl Minimize stack utilization in probable_prime [from HEAD]. 2007-09-18 20:55:10 +00:00
bn_print.c Fix off-by-one error in BN_bn2hex 2015-06-04 09:33:01 +01:00
bn_rand.c Fix off-by-one in BN_rand 2015-05-22 23:48:52 +01:00
bn_recp.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_shift.c Reject negative shifts for BN_rshift and BN_lshift 2015-05-22 23:25:22 +01:00
bn_sqr.c Re-align some comments after running the reformat script. 2015-01-22 09:53:07 +00:00
bn_sqrt.c Re-align some comments after running the reformat script. 2015-01-22 09:53:07 +00:00
bn_word.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bn_x931p.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bnspeed.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
bntest.c Tolerate test_sqr errors for FIPS builds. 2015-03-14 22:21:21 +00:00
divtest.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
exp.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
expspeed.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
exptest.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00
Makefile Make update: delete duplicate error code. 2008-09-17 17:11:09 +00:00
todo Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
vms-helper.c Run util/openssl-format-source -v -c . 2015-01-22 09:52:55 +00:00