wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Matt Caswell 29b0a15a48 Add sanity check in ssl3_cbc_digest_record 
For SSLv3 the code assumes that |header_length| > |md_block_size|. Whilst
this is true for all SSLv3 ciphersuites, this fact is far from obvious by
looking at the code. If this were not the case then an integer overflow
would occur, leading to a subsequent buffer overflow. Therefore I have
added an explicit sanity check to ensure header_length is always valid.
Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3
Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-04-30 23:12:39 +01:00
..
record Sanity check EVP_CTRL_AEAD_TLS_AAD 2015-04-30 23:12:39 +01:00
bio_ssl.c remove malloc casts 2015-04-28 15:28:14 -04:00
d1_both.c remove malloc casts 2015-04-28 15:28:14 -04:00
d1_clnt.c Code style: space after 'if' 2015-04-16 13:44:59 -04:00
d1_lib.c Remove redundant includes from dtls1.h 2015-04-30 11:34:51 +01:00
d1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
d1_msg.c Split out non record layer functions out of s3_pkt.c and d1_pkt.c into 2015-03-26 15:01:59 +00:00
d1_srtp.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
d1_srvr.c Code style: space after 'if' 2015-04-16 13:44:59 -04:00
install-ssl.com Remove SSL_TASK, the DECnet Based SSL Engine - addendum 2015-03-31 22:19:22 +02:00
kssl.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
kssl_lcl.h Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
Makefile make update 2015-04-30 23:00:44 +01:00
s3_both.c Code style: space after 'if' 2015-04-16 13:44:59 -04:00
s3_cbc.c Add sanity check in ssl3_cbc_digest_record 2015-04-30 23:12:39 +01:00
s3_clnt.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
s3_enc.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
s3_lib.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
s3_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
s3_msg.c Introduce the functions RECORD_LAYER_release, RECORD_LAYER_read_pending, and 2015-03-26 15:01:59 +00:00
s3_srvr.c free NULL cleanup 5a 2015-04-30 17:33:59 -04:00
s23_clnt.c Code style: space after 'if' 2015-04-16 13:44:59 -04:00
s23_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
s23_meth.c OPENSSL_NO_XXX cleanup: NO_TLS, NO_TLS1 2015-01-27 15:14:12 -05:00
s23_srvr.c Code style: space after 'if' 2015-04-16 13:44:59 -04:00
ssl-lib.com Remove SSL_TASK, the DECnet Based SSL Engine 2015-03-31 21:59:43 +02:00
ssl_algs.c Fix missing return value checks 2015-03-23 15:23:11 +00:00
ssl_asn1.c The wrong ifdef is used to guard usage of PSK code 2015-04-10 23:52:32 +01:00
ssl_cert.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
ssl_ciph.c remove malloc casts 2015-04-28 15:28:14 -04:00
ssl_conf.c Big apps cleanup (option-parsing, etc) 2015-04-24 15:26:15 -04:00
ssl_err.c Repair EAP-FAST session resumption 2015-04-21 18:12:58 +02:00
ssl_err2.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
ssl_lib.c free NULL cleanup 5a 2015-04-30 17:33:59 -04:00
ssl_locl.h Renamed record layer header files 2015-03-26 15:02:01 +00:00
ssl_rsa.c free NULL cleanup 5a 2015-04-30 17:33:59 -04:00
ssl_sess.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
ssl_stat.c Move s->rstate to s->rlayer.rstate 2015-03-26 15:02:00 +00:00
ssl_txt.c Code style: space after 'if' 2015-04-16 13:44:59 -04:00
ssl_utst.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
t1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
t1_enc.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00
t1_ext.c Remove support for opaque-prf 2015-01-28 15:37:16 -05:00
t1_lib.c free NULL cleanup 5a 2015-04-30 17:33:59 -04:00
t1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
t1_reneg.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
t1_srvr.c Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
t1_trce.c dead code cleanup: #if 0 in ssl 2015-02-06 10:52:12 -05:00
tls_srp.c free cleanup almost the finale 2015-04-30 17:57:32 -04:00