wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/apps
History
Richard Levitte 4f29f3a29b asn1parse: avoid double free 
|str| was used for multiple conflicting purposes.  When using
'-strictpem', it's used to uniquely hold a reference to the loaded
payload.  However, when using '-strparse', |str| was re-used to hold
the position from where to start parsing.

So when '-strparse' and '-strictpem' are were together, |str| ended up
pointing into data pointed at by |at|, and was yet being freed, with
the result that the payload it held a reference to became a memory
leak, and there was a double free conflict when both |str| and |at|
were being freed.

The situation is resolved by always having |buf| hold the pointer to
the file data, and always and only use |str| to hold the position to
start parsing from.  Now, we only need to free |buf| properly and not
|str|.

Fixes #8752

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8753)
2019-04-18 19:20:55 +02:00
..
demoSRP Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
include Fix typos 2019-04-10 12:00:20 +02:00
app_rand.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
apps.c Add -new and -subj options to x509 app for direct cert generation 2019-03-19 09:35:03 +10:00
apps_ui.c Updated test command line parsing to support commmon commands 2019-02-11 15:31:51 +01:00
asn1pars.c asn1parse: avoid double free 2019-04-18 19:20:55 +02:00
bf_prefix.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
build.info openssl app for macs that uses the new EVP_MAC interface (the code inside dgst uses EVP_PKEY) 2019-03-11 12:44:56 +00:00
ca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
ca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca.c apps/ca.c: only output DER with SPKAC input and when -out is chosen 2019-02-28 13:06:32 +01:00
CA.pl.in Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
cert.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ciphers.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
client.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
cms.c crypto/cms: Add support for CAdES Basic Electronic Signatures (CAdES-BES) 2019-01-27 23:59:21 +01:00
crl.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
crl2p7.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
ct_log_list.cnf Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
dgst.c issue-8493: Fix for filenames with newlines using openssl dgst 2019-03-30 11:22:51 +10:00
dh1024.pem Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
dh2048.pem Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
dh4096.pem Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
dhparam.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
dsa-ca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa-pca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
dsa512.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsa1024.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsap.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
dsaparam.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
ec.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
ecparam.c added code to validate EC named curve parameters 2019-04-11 12:05:38 +03:00
enc.c Fixed typo in enc.c warning 2019-04-01 08:45:06 +10:00
engine.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
errstr.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
fmt.c Updated test command line parsing to support commmon commands 2019-02-11 15:31:51 +01:00
gendsa.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
genpkey.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
genrsa.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
mac.c coverity fixes for SSKDF + mac_app + kdf test cleanup 2019-03-28 10:17:38 +00:00
nseq.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
ocsp.c Modify OCSP to use alt MD for cert IDs in responses 2019-04-03 15:56:45 +01:00
openssl-vms.cnf Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
openssl.c trace: rename the default trace category from 'ANY' to 'ALL' 2019-03-30 00:04:37 +01:00
openssl.cnf Remove unnecessary trailing whitespace 2019-02-05 16:25:11 +01:00
opt.c Updated test command line parsing to support commmon commands 2019-02-11 15:31:51 +01:00
passwd.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
pca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
pca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pkcs7.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
pkcs8.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
pkcs12.c Complain if -twopass is used incorrectly 2019-01-30 15:36:13 +00:00
pkey.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
pkeyparam.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
pkeyutl.c coverity resource leak fixes in apps/pkeyutl 2019-04-08 10:21:22 +10:00
prime.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
privkey.pem PR: 1644 2009-09-06 15:49:46 +00:00
progs.pl Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
rand.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
rehash.c Cleanup vxworks support to be able to compile for VxWorks 7 2019-01-24 17:55:04 +01:00
req.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
req.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
rsa.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
rsa8192.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
rsautl.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
s512-key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s512-req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s_cb.c Remove heartbeats completely 2019-03-29 13:50:59 +01:00
s_client.c s_client starttls: fix handling of multiline reply 2019-04-08 11:02:40 +10:00
s_server.c apps: print Kernel receive side TLS in s_client and s_server 2019-04-01 11:54:48 +01:00
s_socket.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
s_time.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
server.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
server.srl Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
server2.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
sess_id.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
smime.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
speed.c Deprecate AES_ige_encrypt() and AES_bi_ige_encrypt() 2019-04-12 14:22:41 +01:00
spkac.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
srp.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
storeutl.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
testCA.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testdsa.h Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
testrsa.h Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
timeouts.h Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
ts.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
tsget.in apps/tsget.in: use the full version in the user agent string 2018-12-10 20:09:17 +01:00
verify.c Make X509_set_sm2_id consistent with other setters 2019-04-09 20:44:42 +08:00
version.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
vms_decc_argv.c testutil: ensure good treatment of argv on non-Unix platforms 2019-03-05 08:53:19 +01:00
vms_decc_init.c VMS: move copy_argc to its own module and make it an aux source 2019-03-05 08:51:09 +01:00
vms_term_sock.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
vms_term_sock.h Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
win32_init.c Following the license change, modify the boilerplates in apps/ 2018-12-06 14:15:27 +01:00
x509.c Add -new and -subj options to x509 app for direct cert generation 2019-03-19 09:35:03 +10:00