wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/x509
History
Dr. Stephen Henson 4e0d184ac1 Fix name length limit check. 
The name length limit check in x509_name_ex_d2i() includes
the containing structure as well as the actual X509_NAME. This will
cause large CRLs to be rejected.

Fix by limiting the length passed to ASN1_item_ex_d2i() which will
then return an error if the passed X509_NAME exceeds the length.

RT#4531

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-04 17:39:37 +01:00
..
build.info move x_pubkey.c to crypto/x509 2016-03-22 15:28:11 +00:00
by_dir.c Remove use of the old CRYPTO_LOCK_X5O9_STORE 2016-03-09 12:41:39 +00:00
by_file.c Make many X509_xxx types opaque. 2016-04-15 13:21:43 -04:00
t_crl.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
t_req.c Remove #error from include files. 2016-03-20 19:48:36 -04:00
t_x509.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_att.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_cmp.c Avoid overflow issues in X509_cmp. 2016-04-29 17:01:09 +02:00
x509_d2.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_def.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_err.c Add checks to X509_NAME_oneline() 2016-04-29 19:42:21 +01:00
x509_ext.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_lcl.h Make many X509_xxx types opaque. 2016-04-15 13:21:43 -04:00
x509_lu.c Fix some X509_STORE macros 2016-04-29 23:13:58 +01:00
x509_obj.c Prevent EBCDIC overread for very long strings 2016-05-03 10:22:47 +01:00
x509_r2x.c Use X509_REQ_get0_pubkey 2016-04-04 20:38:14 +02:00
x509_req.c Add X509_REQ_get0_pubkey method 2016-04-04 20:38:11 +02:00
x509_set.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x509_trs.c Compat self-signed trust with reject-only aux data 2016-01-31 21:24:12 -05:00
x509_txt.c Move peer chain security checks into x509_vfy.c 2016-04-03 11:35:35 -04:00
x509_v3.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_vfy.c Drop duplicate ctx->verify_cb assignment 2016-05-03 10:50:40 -04:00
x509_vpm.c Move peer chain security checks into x509_vfy.c 2016-04-03 11:35:35 -04:00
x509cset.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x509name.c GH601: Various spelling fixes. 2016-02-05 15:25:50 -05:00
x509rset.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509spki.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509type.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_all.c Fix no-ocsp 2016-04-06 14:57:45 +01:00
x_attrib.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_crl.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x_exten.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_name.c Fix name length limit check. 2016-05-04 17:39:37 +01:00
x_pubkey.c Fix X509_PUBKEY cached key handling. 2016-04-02 17:34:27 +01:00
x_req.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x_x509.c Fix i2d_X509_AUX: pp can be NULL. 2016-05-02 22:46:39 +01:00
x_x509a.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00