openssl/crypto
Benjamin Kaduk 62b0a0dea6 Fix memory leaks in CTLOG_new_from_base64
Move the call to ct_base64_decode(), which allocates, until after
the check for NULL output parameter.

Also place a cap on the number of padding characters used to decrement
the output length -- any more than two '='s is not permitted in a
well-formed base64 text.  Prior to this change, ct_base64_decode() would
return a length of -1 along with allocated storage for an input of
"====".

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3379)
2017-06-09 13:32:29 -04:00
..
aes Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
aria aria/aria.c: address undefined behaviour warning in small-footprint path. 2017-05-26 10:51:16 +02:00
asn1 Fix #340: Parse ASN1_TIME to struct tm 2017-06-08 13:19:13 +01:00
async make error tables const and separate header file 2017-06-07 15:12:03 -04:00
bf Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
bio make error tables const and separate header file 2017-06-07 15:12:03 -04:00
blake2 Fix some extra or missing whitespaces... 2017-01-25 09:06:34 +00:00
bn make error tables const and separate header file 2017-06-07 15:12:03 -04:00
buffer make error tables const and separate header file 2017-06-07 15:12:03 -04:00
camellia Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
cast Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
chacha Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
cmac Don't use deprecated EVP_CIPHER_CTX_cleanup() internally 2017-03-01 11:42:50 +01:00
cms make error tables const and separate header file 2017-06-07 15:12:03 -04:00
comp make error tables const and separate header file 2017-06-07 15:12:03 -04:00
conf make error tables const and separate header file 2017-06-07 15:12:03 -04:00
ct Fix memory leaks in CTLOG_new_from_base64 2017-06-09 13:32:29 -04:00
des Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
dh make error tables const and separate header file 2017-06-07 15:12:03 -04:00
dsa make error tables const and separate header file 2017-06-07 15:12:03 -04:00
dso make error tables const and separate header file 2017-06-07 15:12:03 -04:00
ec make error tables const and separate header file 2017-06-07 15:12:03 -04:00
engine make error tables const and separate header file 2017-06-07 15:12:03 -04:00
err make error tables const and separate header file 2017-06-07 15:12:03 -04:00
evp make error tables const and separate header file 2017-06-07 15:12:03 -04:00
hmac PBKDF2 computation speedup (15-40%) 2017-04-04 10:44:17 -04:00
idea Fix gcc-7 warnings. 2017-05-11 19:39:38 +02:00
include/internal ED25519 public key method. 2017-05-30 20:38:20 +01:00
kdf make error tables const and separate header file 2017-06-07 15:12:03 -04:00
lhash Add a lock around the OBJ_NAME table 2017-06-07 11:23:37 -04:00
md2 Convert memset calls to OPENSSL_cleanse 2016-06-30 15:51:57 +01:00
md4 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
md5 Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
mdc2 Convert mdc2 test print to internal test 2016-11-03 13:13:31 +01:00
modes modes/ocb128.c: address undefined behaviour warning. 2017-05-26 10:52:11 +02:00
objects make error tables const and separate header file 2017-06-07 15:12:03 -04:00
ocsp make error tables const and separate header file 2017-06-07 15:12:03 -04:00
pem make error tables const and separate header file 2017-06-07 15:12:03 -04:00
perlasm Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
pkcs7 make error tables const and separate header file 2017-06-07 15:12:03 -04:00
pkcs12 make error tables const and separate header file 2017-06-07 15:12:03 -04:00
poly1305 Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
rand make error tables const and separate header file 2017-06-07 15:12:03 -04:00
rc2 Fix gcc-7 warnings. 2017-05-11 19:39:38 +02:00
rc4 Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
rc5 Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
ripemd Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00
rsa make error tables const and separate header file 2017-06-07 15:12:03 -04:00
seed Use _WIN32 over WIN32 for preprocessor conditional 2017-02-16 08:59:47 -05:00
sha sha/asm/keccak1600-armv4.pl: switch to more efficient bit interleaving algorithm. 2017-06-08 20:21:31 +02:00
siphash Fix gcc-7 warnings. 2017-05-11 19:39:38 +02:00
srp Correct some badly formated preprocessor lines 2017-04-25 15:44:48 +02:00
stack Don't leak on an OPENSSL_realloc() failure 2016-09-21 20:27:15 +01:00
ts make error tables const and separate header file 2017-06-07 15:12:03 -04:00
txt_db Fix a few memleaks in TXT_DB. 2017-02-21 14:13:58 -05:00
ui make error tables const and separate header file 2017-06-07 15:12:03 -04:00
whrlpool Fix a read off the end of the input buffer 2017-06-08 16:05:52 -04:00
x509 make error tables const and separate header file 2017-06-07 15:12:03 -04:00
x509v3 Fix a bundle of trailing spaces in several files 2017-06-09 12:04:10 -04:00
alphacpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm64cpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm_arch.h Copyright consolidation 07/10 2016-05-17 14:51:26 -04:00
armcap.c crypto/armcap.c: short-circuit processor capability probe in iOS builds. 2017-02-15 23:16:23 +01:00
armv4cpuid.pl ARMv4 assembly pack: harmonize Thumb-ification of iOS build. 2017-02-15 23:16:01 +01:00
build.info Move OS-specific fopen quirks to o_fopen.c. 2016-06-22 21:51:53 +02:00
c64xpluscpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
cpt_err.c make error tables const and separate header file 2017-06-07 15:12:03 -04:00
cryptlib.c Use memcmp() instead of CRYPTO_memcmp() when fuzzing 2017-03-19 14:34:07 +01:00
cversion.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
dllmain.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
ebcdic.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
ex_data.c Fix ex_data and session_dup issues 2017-06-02 12:11:38 -04:00
ia64cpuid.S Add final(?) set of copyrights. 2016-06-01 11:27:25 -04:00
init.c Fix a bundle of trailing spaces in several files 2017-06-09 12:04:10 -04:00
LPdir_nyi.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_unix.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_vms.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
LPdir_win.c Fix mingw build 2016-07-18 10:47:07 +01:00
LPdir_win32.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_wince.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
mem.c Removed ugly size_t less than zero check. 2017-02-21 12:30:23 -05:00
mem_clr.c Fix some style issues... 2016-08-02 09:59:23 +02:00
mem_dbg.c Add CRYPTO_mem_leaks_cb 2017-04-24 18:09:01 +02:00
mem_sec.c Tweak sec_mem tests 2017-05-20 20:54:04 -04:00
mips_arch.h Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
o_dir.c Fix typo, missing || 2017-02-22 19:51:04 +01:00
o_fips.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_fopen.c Fix a few if(, for(, while( inside code. 2016-07-20 07:21:53 -04:00
o_init.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_str.c Address some -Wold-style-declaration warnings 2017-05-01 14:23:28 -04:00
o_time.c Reset executable bits on files where not needed. 2017-03-03 09:13:40 +01:00
pariscid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
ppc_arch.h GH919: Fix wrappers for two headers 2016-05-24 11:04:38 -04:00
ppccap.c crypto/ppccap.c: SIGILL-free processor capabilities detection on MacOS X. 2017-04-02 20:45:59 +02:00
ppccpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
s390xcap.c Fix strict-warnings build 2016-10-18 17:09:47 +01:00
s390xcpuid.S s390x assembly pack: improve portability. 2016-06-06 11:08:04 +02:00
sparc_arch.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
sparccpuid.S Clean up references to FIPS 2017-02-28 15:26:25 +01:00
sparcv9cap.c crypto/sparcv9cap.c: add missing declaration. 2016-08-12 10:26:20 +02:00
threads_none.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
threads_pthread.c Grouped data declarations [skip ci] 2017-02-03 13:48:44 +01:00
threads_win.c Revert "Fixed deadlock in CRYPTO_THREAD_run_once for Windows" 2016-11-14 11:55:13 +00:00
uid.c Cleaning UEFI Build with additional OPENSSL_SYS_UEFI flags 2017-03-29 07:35:59 +02:00
vms_rms.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x86_64cpuid.pl crypto/x86*cpuid.pl: move extended feature detection. 2017-03-13 18:42:10 +01:00
x86cpuid.pl Remove filename argument to x86 asm_init. 2017-05-11 17:00:23 -04:00