openssl/crypto/x509
Matt Caswell ea96ad5a20 Prevent EBCDIC overread for very long strings
ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.

Issue reported by Guido Vranken.

CVE-2016-2176

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-05-03 10:22:47 +01:00
..
build.info move x_pubkey.c to crypto/x509 2016-03-22 15:28:11 +00:00
by_dir.c Remove use of the old CRYPTO_LOCK_X5O9_STORE 2016-03-09 12:41:39 +00:00
by_file.c Make many X509_xxx types opaque. 2016-04-15 13:21:43 -04:00
t_crl.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
t_req.c Remove #error from include files. 2016-03-20 19:48:36 -04:00
t_x509.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_att.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_cmp.c Avoid overflow issues in X509_cmp. 2016-04-29 17:01:09 +02:00
x509_d2.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_def.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_err.c Add checks to X509_NAME_oneline() 2016-04-29 19:42:21 +01:00
x509_ext.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_lcl.h Make many X509_xxx types opaque. 2016-04-15 13:21:43 -04:00
x509_lu.c Fix some X509_STORE macros 2016-04-29 23:13:58 +01:00
x509_obj.c Prevent EBCDIC overread for very long strings 2016-05-03 10:22:47 +01:00
x509_r2x.c Use X509_REQ_get0_pubkey 2016-04-04 20:38:14 +02:00
x509_req.c Add X509_REQ_get0_pubkey method 2016-04-04 20:38:11 +02:00
x509_set.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x509_trs.c Compat self-signed trust with reject-only aux data 2016-01-31 21:24:12 -05:00
x509_txt.c Move peer chain security checks into x509_vfy.c 2016-04-03 11:35:35 -04:00
x509_v3.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509_vfy.c Implement X509_STORE_CTX_set_current_cert() accessor 2016-04-28 13:50:13 -04:00
x509_vpm.c Move peer chain security checks into x509_vfy.c 2016-04-03 11:35:35 -04:00
x509cset.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x509name.c GH601: Various spelling fixes. 2016-02-05 15:25:50 -05:00
x509rset.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509spki.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x509type.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_all.c Fix no-ocsp 2016-04-06 14:57:45 +01:00
x_attrib.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_crl.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x_exten.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_name.c Add size limit to X509_NAME structure. 2016-04-29 19:42:21 +01:00
x_pubkey.c Fix X509_PUBKEY cached key handling. 2016-04-02 17:34:27 +01:00
x_req.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x_x509.c Fix i2d_X509_AUX: pp can be NULL. 2016-05-02 22:46:39 +01:00
x_x509a.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00