wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto
History
Matt Caswell 05bdebb6e0 Fix off-by-one error in BN_bn2hex 
A BIGNUM can have the value of -0. The function BN_bn2hex fails to account
for this and can allocate a buffer one byte too short in the event of -0
being used, leading to a one byte buffer overrun. All usage within the
OpenSSL library is considered safe. Any security risk is considered
negligible.

With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and
Filip Palian for discovering and reporting this issue.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit c56353071d)

Conflicts:
	crypto/bn/bn_print.c
2015-06-04 09:29:13 +01:00
..
aes Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
asn1 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
bf Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
bio Handle unsigned struct timeval members 2015-05-26 10:42:10 +01:00
bn Fix off-by-one error in BN_bn2hex 2015-06-04 09:29:13 +01:00
buffer Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
camellia Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
cast Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
cmac Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
cms Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
comp Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
conf Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
des Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
dh Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
dsa Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
dso Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
ec fix copy paste error in ec_GF2m function prototypes 2015-05-26 10:14:56 +02:00
ecdh Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
ecdsa Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
engine Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
err Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
evp Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
hmac Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
idea Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
jpake Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
krb5 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
lhash Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
md2 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
md4 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
md5 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
mdc2 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
modes Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
objects RT3230: Better test for C identifier 2015-06-02 17:17:54 -04:00
ocsp Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
pem check for error when creating PKCS#8 structure 2015-05-28 18:02:19 +01:00
perlasm Reduce version skew. 2012-06-08 09:18:47 +00:00
pkcs7 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
pkcs12 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
pqueue Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
rand Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
rc2 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
rc4 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
rc5 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
ripemd Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
rsa Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
seed Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
sha Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
srp Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
stack Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
store Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
threads Code style: space after 'if' 2015-04-16 13:51:51 -04:00
ts Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
txt_db Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
ui Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
whrlpool Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
x509 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
x509v3 Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
.cvsignore Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev 2008-04-17 10:19:16 +00:00
alphacpuid.pl Alpha assembler fixed from HEAD. 2011-08-12 12:31:08 +00:00
arm_arch.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
armcap.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
armv4cpuid.S ARM assembler pack update from HEAD. 2011-11-14 20:58:01 +00:00
constant_time_locl.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
constant_time_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
cpt_err.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
cryptlib.c RT3820: Don't call GetDesktopWindow() 2015-05-02 08:02:06 -04:00
cryptlib.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
crypto-lib.com Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces 2014-10-15 10:49:24 +02:00
crypto.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
cversion.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ebcdic.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ebcdic.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ex_data.c Fix memory leak reporting. 2015-02-09 13:01:28 +00:00
fips_err.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
fips_ers.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ia64cpuid.S IA64 assembler pack update from HEAD. 2011-11-14 20:45:57 +00:00
install-crypto.com Adjust VMS build to Unix build. Most of all, make it so the disabled 2014-10-15 10:49:08 +02:00
LPdir_nyi.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
LPdir_unix.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
LPdir_vms.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
LPdir_win.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
LPdir_win32.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
LPdir_wince.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
Makefile Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
md32_common.h md32_common.h: backport ICC fix. 2015-05-26 09:58:12 +02:00
mem.c Fix CRYPTO_strdup 2015-04-22 17:24:47 +01:00
mem_clr.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
mem_dbg.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_dir.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_dir.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_dir_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_fips.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_init.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_str.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_str.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
o_time.c Re-align some comments after running the reformat script. 2015-01-22 09:39:01 +00:00
o_time.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
opensslconf.h.in Eliminate warning induced by http://cvs.openssl.org/chngview?cn=14690 and 2005-12-16 10:37:24 +00:00
opensslv.h Prepare for 1.0.1n-dev 2015-03-19 13:41:07 +00:00
ossl_typ.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
pariscid.pl PA-RISC assembler pack: switch to bve in 64-bit builds. 2013-06-30 23:15:53 +02:00
ppccap.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ppccpuid.pl ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 2012-04-27 20:20:15 +00:00
s390xcap.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s390xcpuid.S s390x assembler pack update from HEAD. 2011-11-14 20:47:22 +00:00
sparccpuid.S sparccpuid.S: work around emulator bug on T1. 2013-02-11 10:41:57 +01:00
sparcv9cap.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
symhacks.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
uid.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
vms_rms.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
x86_64cpuid.pl x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 22:54:04 +01:00
x86cpuid.pl x86cpuid.pl: make it work with older CPUs. 2013-03-18 19:50:23 +01:00