wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto
History
Dr. Stephen Henson 6c88c71b4e Fix double free in DSA private key parsing. 
Fix double free bug when parsing malformed DSA private keys.

Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
libFuzzer.

CVE-2016-0705

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-19 14:03:07 +00:00
..
aes Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
asn1 Fix leak with ASN.1 combine. 2015-12-03 14:32:05 +00:00
bf RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
bio RT4129: BUF_new_mem_buf should take const void * 2016-02-01 08:43:27 -05:00
bn Fix URLs mangled by reformat 2015-12-19 14:43:43 +00:00
buffer BUF_strndup: tidy 2015-09-22 20:04:01 +02:00
camellia Fix URLs mangled by reformat 2015-12-19 14:43:43 +00:00
cast RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
cmac Switch to FIPS implementation for CMAC. 2016-02-16 22:52:59 +00:00
cms Fix missing malloc return value checks 2015-11-09 22:54:19 +00:00
comp RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
conf mark openssl configuration as loaded at end of OPENSSL_config 2015-11-24 22:05:10 +01:00
des Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
dh Add missing return value checks 2016-01-29 11:58:45 +00:00
dsa Fix double free in DSA private key parsing. 2016-02-19 14:03:07 +00:00
dso Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
ec Add have_precompute_mult tests 2016-01-29 13:07:12 +00:00
ecdh RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
ecdsa RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
engine Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
err RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
evp evp/e_des3.c: address compiler warning. 2016-02-19 13:34:42 +01:00
hmac Fix memory leaks and other mistakes on errors 2015-10-23 19:58:54 +02:00
idea RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
jpake Fix missing malloc return value checks 2015-11-09 22:54:19 +00:00
krb5 RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
lhash RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
md2 RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
md4 RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
md5 RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
mdc2 RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
modes modes/ctr128.c: pay attention to ecount_buf alignment in CRYPTO_ctr128_encrypt. 2016-02-12 22:00:13 +01:00
objects RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
ocsp Remove useless code 2015-10-23 20:32:59 +02:00
pem Fix missing malloc return value checks 2015-11-09 22:54:19 +00:00
perlasm perlasm/x86_64-xlate.pl: pass pure constants verbatim. 2016-02-11 21:26:44 +01:00
pkcs7 Fix missing malloc return value checks 2015-11-09 22:54:19 +00:00
pkcs12 Set salt length after the malloc has succeeded 2015-10-23 19:59:34 +02:00
pqueue RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
rand Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
rc2 RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
rc4 Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
rc5 RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
ripemd RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
rsa Don't check RSA_FLAG_SIGN_VER. 2015-12-20 19:27:03 +00:00
seed Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
sha x86_64 assembly pack: tune clang version detection even further. 2015-12-13 22:19:32 +01:00
srp Fix SRP memory leaks 2015-09-21 10:23:25 +01:00
stack if no comparison function set make sk_sort no op 2016-02-06 18:49:56 +00:00
store Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
threads Cleanup mttest.c : because we no longer use stdio here, don't include it 2015-06-21 22:12:07 +02:00
ts Fix X509_STORE_CTX_cleanup() 2016-01-02 11:14:05 -05:00
txt_db RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
ui Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
whrlpool RT4044: Remove .cvsignore files. 2015-09-15 11:58:27 -04:00
x509 Fix missing ok=0 with locally blacklisted CAs 2016-02-05 10:54:11 -05:00
x509v3 NGX-2040 - fix wildcard match on punycode/IDNA DNS names 2016-01-15 14:48:17 -05:00
alphacpuid.pl
arm64cpuid.S
arm_arch.h
armcap.c
armv4cpuid.S
constant_time_locl.h
constant_time_test.c
cpt_err.c
cryptlib.c GH102: Add volatile to CRYPTO_memcmp 2016-01-30 14:41:23 -05:00
cryptlib.h
crypto-lib.com
crypto.h GH102: Add volatile to CRYPTO_memcmp 2016-01-30 14:41:23 -05:00
cversion.c
ebcdic.c
ebcdic.h
ex_data.c Root cause discovered and fixed, this fix became unnecessary 2016-01-13 01:23:34 +01:00
fips_err.h
fips_ers.c
ia64cpuid.S
install-crypto.com
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
Makefile Fix the update target and remove duplicate file updates 2015-05-23 06:25:12 +02:00
md32_common.h
mem.c
mem_clr.c Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
mem_dbg.c
o_dir.c Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
o_dir.h Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
o_dir_test.c Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
o_fips.c
o_init.c
o_str.c Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
o_str.h Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
o_time.c Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
o_time.h Remove the "eay" c-file-style indicators 2015-12-18 13:39:34 +01:00
opensslconf.h.in Use both sun and __sun 2015-11-24 23:44:05 +01:00
opensslv.h Prepare for 1.0.2g-dev 2016-01-28 13:58:24 +00:00
ossl_typ.h
pariscid.pl
ppc_arch.h
ppccap.c RT3990: Fix #include path. 2015-08-05 22:06:22 -04:00
ppccpuid.pl
s390xcap.c
s390xcpuid.S
sparc_arch.h
sparccpuid.S Conversion to UTF-8 where needed 2015-07-14 01:17:45 +02:00
sparcv9cap.c crypto/sparcv9cap.c: add SIGILL-free feature detection for Solaris. 2015-12-02 10:56:27 +01:00
symhacks.h
uid.c
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl