openssl/crypto
Matt Caswell 1a9499cf23 Reject negative shifts for BN_rshift and BN_lshift
The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.

Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 7cc18d8158)

Conflicts:
	crypto/bn/bn.h
	crypto/bn/bn_err.c
2015-05-22 23:19:34 +01:00
..
aes aes/asm/aesni-sha256-x86_64.pl: fix Windows compilation failure with old assembler. 2015-05-13 17:00:06 +02:00
asn1 Fix encoding bug in i2c_ASN1_INTEGER 2015-04-18 14:43:33 +01:00
bf Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
bio Clarify logic in BIO_*printf functions 2015-04-30 23:21:53 +01:00
bn Reject negative shifts for BN_rshift and BN_lshift 2015-05-22 23:19:34 +01:00
buffer Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
camellia Fix crash in SPARC T4 XTS. 2015-02-24 10:12:57 +01:00
cast Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
cmac Add NULL checks from master 2015-05-13 12:55:03 -04:00
cms Code style: space after 'if' 2015-04-16 13:50:01 -04:00
comp Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
conf RT3670: Check return from BUF_MEM_grow_clean 2015-02-12 13:01:33 -05:00
des Sanity check DES_enc_write buffer length 2015-04-30 23:14:55 +01:00
dh Code style: space after 'if' 2015-04-16 13:50:01 -04:00
dsa Code style: space after 'if' 2015-04-16 13:50:01 -04:00
dso Code style: space after 'if' 2015-04-16 13:50:01 -04:00
ec Add sanity check to print_bin function 2015-04-30 23:21:53 +01:00
ecdh Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ecdsa Fix RAND_(pseudo_)?_bytes returns 2015-03-25 12:41:28 +00:00
engine Remove unused eng_rsax and related asm file 2015-01-26 10:46:26 -05:00
err Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
evp Correctly check for export size limit 2015-05-20 22:19:34 +02:00
hmac Code style: space after 'if' 2015-04-16 13:50:01 -04:00
idea Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
jpake Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
krb5 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
lhash Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
md2 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
md4 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
md5 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
mdc2 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
modes Appease clang -Wshadow 2015-04-08 17:59:41 +02:00
objects Call of memcmp with null pointers in obj_cmp() 2015-05-13 15:28:48 +01:00
ocsp Code style: space after 'if' 2015-04-16 13:50:01 -04:00
pem Fix formatting error in pem.h 2015-01-22 14:11:04 +00:00
perlasm Fix crash in SPARC T4 XTS. 2015-02-24 10:12:57 +01:00
pkcs7 PKCS#7: avoid NULL pointer dereferences with missing content 2015-03-19 12:58:35 +00:00
pkcs12 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pqueue Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
rand Code style: space after 'if' 2015-04-16 13:50:01 -04:00
rc2 Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
rc4 Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
rc5 Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ripemd Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
rsa Fix buffer overrun in RSA signing 2015-04-30 23:21:53 +01:00
seed Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
sha sha/asm/sha*-armv8.pl: add Denver and X-Gene esults. 2015-04-02 09:51:32 +02:00
srp Code style: space after 'if' 2015-04-16 13:50:01 -04:00
stack Fix memset call in stack.c 2015-03-17 13:48:04 +00:00
store Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
threads Code style: space after 'if' 2015-04-16 13:50:01 -04:00
ts Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
txt_db Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ui Assume TERMIOS is default, remove TERMIO on all Linux. 2015-02-22 08:10:29 +01:00
whrlpool Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
x509 Correctly check for export size limit 2015-05-20 22:19:34 +02:00
x509v3 Add missing NULL check in X509V3_parse_list() 2015-05-11 12:19:54 +01:00
.cvsignore
alphacpuid.pl
arm64cpuid.S Add linux-aarch64 taget. 2014-06-10 23:20:55 +02:00
arm_arch.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
armcap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
armv4cpuid.S Remove inconsistency in ARM support. 2015-01-06 11:14:23 +01:00
constant_time_locl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
constant_time_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cpt_err.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cryptlib.c RT3820: Don't call GetDesktopWindow() 2015-05-02 08:01:52 -04:00
cryptlib.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
crypto-lib.com Adjust VMS build to Unix build. Most of all, make it so the disabled 2014-06-18 13:43:09 +02:00
crypto.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
cversion.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ebcdic.c Appease clang -Wempty-translation-unit 2015-04-08 17:59:40 +02:00
ebcdic.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ex_data.c Fix memory leak reporting. 2015-02-09 13:01:15 +00:00
fips_err.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
fips_ers.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ia64cpuid.S
install-crypto.com Adjust VMS build to Unix build. Most of all, make it so the disabled 2014-06-18 13:43:09 +02:00
LPdir_nyi.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_unix.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_vms.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_win.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_win32.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
LPdir_wince.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
Makefile Make output from openssl version -f consistent with previous versions 2015-01-13 11:28:54 +00:00
md32_common.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
mem.c Fix CRYPTO_strdup 2015-04-22 17:20:38 +01:00
mem_clr.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
mem_dbg.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_dir.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_dir.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_dir_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_fips.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_init.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_str.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_str.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
o_time.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
o_time.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
opensslconf.h.in
opensslv.h Prepare for 1.0.2b-dev 2015-03-19 13:34:56 +00:00
ossl_typ.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
pariscid.pl PA-RISC assembler pack: switch to bve in 64-bit builds. 2013-06-30 23:13:23 +02:00
ppc_arch.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ppccap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ppccpuid.pl Initial POWER8 support from development branch. 2014-07-20 14:36:49 +02:00
s390xcap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s390xcpuid.S
sparc_arch.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
sparccpuid.S sparcv9cap.c: update from master. 2013-05-20 00:16:18 +02:00
sparcv9cap.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
symhacks.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
uid.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
vms_rms.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
x86_64cpuid.pl x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:25:14 +01:00
x86cpuid.pl x86[_64]cpuid.pl: add low-level RDSEED. 2014-02-14 17:25:14 +01:00