openssl/crypto
Andy Polyakov 2198b3a55d crypto/evp: harden AEAD ciphers.
Originally a crash in 32-bit build was reported CHACHA20-POLY1305
cipher. The crash is triggered by truncated packet and is result
of excessive hashing to the edge of accessible memory. Since hash
operation is read-only it is not considered to be exploitable
beyond a DoS condition. Other ciphers were hardened.

Thanks to Robert Święcki for report.

CVE-2017-3731

Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-01-26 10:54:01 +00:00
..
aes x86 assembly pack: update performance results. 2016-12-19 16:18:25 +01:00
asn1 Add support for Poly1305 in EVP_PKEY 2017-01-24 15:40:37 +01:00
async Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
bf Remove/rename some old files. 2016-06-01 11:29:57 -04:00
bio Fix VC warnings about unary minus to an unsigned type. 2017-01-15 22:21:07 +01:00
blake2 Fix some extra or missing whitespaces... 2017-01-25 09:06:34 +00:00
bn Don't call memcpy with NULL as source 2016-12-15 21:45:25 +01:00
buffer Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
camellia Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
cast Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
chacha chacha/asm/chacha-x86_64.pl: add AVX512 path optimized for shorter inputs. 2016-12-25 16:31:40 +01:00
cmac Copyright consolidation 06/10 2016-05-17 14:51:04 -04:00
cms Set EVP_PKEY_CTX in SignerInfo 2017-01-08 01:42:49 +00:00
comp Fix zlib BIO_METHOD for latest BIO_METHOD structure changes 2016-11-08 13:58:10 +00:00
conf Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
ct Move SCT_LIST_free definition into a more logical place 2016-11-16 13:54:17 +00:00
des Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
dh Style 2017-01-25 09:06:34 +00:00
dsa Style 2017-01-25 09:06:34 +00:00
dso Avoid the call to OPENSSL_malloc with a negative value (then casted to unsigned) 2016-12-10 16:41:59 -05:00
ec ec/asm/ecp_nistz256-ppc64.pl: minor POWER8-specific optimization. 2017-01-21 22:28:34 +01:00
engine Only enable CRYPTO_3DES_ECB if that name is an existing macro 2017-01-10 14:59:39 +01:00
err In UI_OpenSSL's open(), generate an error on unknown errno 2016-12-08 13:34:08 +01:00
evp crypto/evp: harden AEAD ciphers. 2017-01-26 10:54:01 +00:00
hmac Fix style issues in HMAC_size() 2016-11-04 12:09:46 +00:00
idea Remove/rename some old files. 2016-06-01 11:29:57 -04:00
include/internal Cleanup EVP_CIPH/EP_CTRL duplicate defines 2017-01-24 18:47:10 +01:00
kdf Following the changes to HKDF to accept a mode, add some tests for this 2016-11-09 10:36:54 +00:00
lhash GH1555: Don't bump size on realloc failure 2016-09-21 10:40:27 -04:00
md2 Convert memset calls to OPENSSL_cleanse 2016-06-30 15:51:57 +01:00
md4 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
md5 Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
mdc2 Convert mdc2 test print to internal test 2016-11-03 13:13:31 +01:00
modes modes/ctr128.c: fix false carry in counter increment procedure. 2016-11-25 17:22:21 +01:00
objects Add support for Poly1305 in EVP_PKEY 2017-01-24 15:40:37 +01:00
ocsp Add OCSP_RESPID_match() 2016-09-22 09:27:45 +01:00
pem Fix MSBLOB format with RSA. 2016-11-17 03:53:02 +00:00
perlasm perlasm/x86_64-xlate.pl: add support for AVX512 OPMASK-ing. 2016-12-15 17:57:45 +01:00
pkcs7 Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
pkcs12 Simplify PKCS#12 PBE algorithm. 2016-11-15 01:23:25 +00:00
poly1305 Add support for Poly1305 in EVP_PKEY 2017-01-24 15:40:37 +01:00
rand RAND_egd_bytes: No need to check RAND_status on connection error. 2017-01-24 14:39:20 +01:00
rc2 Clean away remaining 'selftest' code 2016-11-03 13:15:40 +01:00
rc4 Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
rc5 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
ripemd Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
rsa Defines and strings for special salt length values, add tests 2017-01-18 15:04:49 +00:00
seed Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
sha x86 assembly pack: update performance results. 2016-12-19 16:18:25 +01:00
srp SRP code tidy. 2016-10-01 13:46:54 +01:00
stack Don't leak on an OPENSSL_realloc() failure 2016-09-21 20:27:15 +01:00
ts Add error checking, small nit on ouput 2016-10-19 06:37:42 -04:00
txt_db Rename lh_xxx,sk_xxx tp OPENSSL_{LH,SK}_xxx 2016-05-20 10:48:29 -04:00
ui UI: Use RUN_ONCE differently 2017-01-13 11:47:35 +01:00
whrlpool Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
x509 Few nit's 2017-01-25 09:06:34 +00:00
x509v3 Few nit's 2017-01-25 09:06:34 +00:00
alphacpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm64cpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm_arch.h Copyright consolidation 07/10 2016-05-17 14:51:26 -04:00
armcap.c Copyright consolidation 07/10 2016-05-17 14:51:26 -04:00
armv4cpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
build.info Move OS-specific fopen quirks to o_fopen.c. 2016-06-22 21:51:53 +02:00
c64xpluscpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
cpt_err.c Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
cryptlib.c crypto/cryptlib.c: omit OPENSSL_ia32cap_loc(). 2016-06-22 20:20:37 +02:00
cversion.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
dllmain.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
ebcdic.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
ex_data.c Fix mem leaks during auto-deinit 2016-09-08 12:40:19 +01:00
ia64cpuid.S Add final(?) set of copyrights. 2016-06-01 11:27:25 -04:00
init.c Add "random malloc failure" tooling 2017-01-12 11:27:27 -05:00
LPdir_nyi.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_unix.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_vms.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
LPdir_win.c Fix mingw build 2016-07-18 10:47:07 +01:00
LPdir_win32.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_wince.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
mem.c Fix "failure rate" bugs 2017-01-13 15:47:02 -05:00
mem_clr.c Fix some style issues... 2016-08-02 09:59:23 +02:00
mem_dbg.c fix crypto-mdebug build 2016-07-20 12:41:31 +01:00
mem_sec.c Copyright consolidation 06/10 2016-05-17 14:51:04 -04:00
mips_arch.h Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
o_dir.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
o_fips.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
o_fopen.c Fix a few if(, for(, while( inside code. 2016-07-20 07:21:53 -04:00
o_init.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
o_str.c buf2hexstr: properly deal with empty string 2016-06-21 20:55:54 +02:00
o_time.c VSI submisson: make better use of item lists in o_time.c 2016-08-04 16:51:39 +02:00
pariscid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
ppc_arch.h GH919: Fix wrappers for two headers 2016-05-24 11:04:38 -04:00
ppccap.c Revert "Move algorithm specific ppccap code from crypto/ppccap.c" 2016-11-10 16:24:02 +01:00
ppccpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
s390xcap.c Fix strict-warnings build 2016-10-18 17:09:47 +01:00
s390xcpuid.S s390x assembly pack: improve portability. 2016-06-06 11:08:04 +02:00
sparc_arch.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
sparccpuid.S spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
sparcv9cap.c crypto/sparcv9cap.c: add missing declaration. 2016-08-12 10:26:20 +02:00
threads_none.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
threads_pthread.c CRYPTO_atomic_add(): check that the object is lock free 2016-08-24 14:37:48 +01:00
threads_win.c Revert "Fixed deadlock in CRYPTO_THREAD_run_once for Windows" 2016-11-14 11:55:13 +00:00
uid.c Fix support for DragonFly BSD 2016-10-22 04:25:17 -04:00
vms_rms.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x86_64cpuid.pl crypto/x86[_64]cpuid.pl: add OPENSSL_ia32_rd[rand|seed]_bytes. 2016-07-15 13:20:52 +02:00
x86cpuid.pl Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00