openssl/crypto
Dr. Stephen Henson 66bcba1457 Limit reads in do_b2i_bio()
Apply a limit to the maximum blob length which can be read in do_d2i_bio()
to avoid excessive allocation.

Thanks to Shi Lei for reporting this.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 00:27:10 +01:00
..
aes spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
asn1 Check for errors in a2d_ASN1_OBJECT() 2016-08-16 00:19:19 +01:00
async Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
bf Remove/rename some old files. 2016-06-01 11:29:57 -04:00
bio Adapt BIO_new_accept() to call BIO_set_accept_name() 2016-08-10 11:07:42 -04:00
blake2 Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
bn Check for errors in BN_bn2dec() 2016-08-16 00:19:19 +01:00
buffer Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
camellia Missed some copyright merge 2016-06-13 16:05:25 -04:00
cast Remove/rename some old files. 2016-06-01 11:29:57 -04:00
chacha spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
cmac Copyright consolidation 06/10 2016-05-17 14:51:04 -04:00
cms Constify some ASN1_OBJECT *obj input parameters 2016-08-04 17:02:48 +02:00
comp Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
conf Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
ct Make CT_POLICY_EVAL_CTX_set1_{cert,issuer} into boolean functions 2016-08-15 12:56:47 -04:00
des SPARC assembly pack: enforce V8+ ABI constraints. 2016-07-01 14:25:08 +02:00
dh Change callers to use the new constants. 2016-08-10 10:07:37 -04:00
dsa Add DSA_bits() function. 2016-08-01 19:37:42 +01:00
dso Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
ec Remove old EC based X25519 code. 2016-08-13 14:11:05 +01:00
engine Fix some style issues... 2016-08-02 09:59:23 +02:00
err Remove get_hash completely 2016-08-04 14:23:08 -04:00
evp Add point ctrls to X25519 2016-08-13 14:11:05 +01:00
hmac Teach EVP_PKEY_HMAC keys how to EVP_PKEY_cmp() 2016-06-24 12:31:31 -04:00
idea Remove/rename some old files. 2016-06-01 11:29:57 -04:00
include/internal Add X25519 methods to internal tables 2016-08-13 14:11:04 +01:00
kdf Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
lhash fix code formatting 2016-07-01 10:56:19 -04:00
md2 Convert memset calls to OPENSSL_cleanse 2016-06-30 15:51:57 +01:00
md4 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
md5 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
mdc2 Copyright consolidation 07/10 2016-05-17 14:51:26 -04:00
modes spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
objects Use OIDs from draft-ietf-curdle-pkix-02 2016-08-13 14:11:04 +01:00
ocsp spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
pem Limit reads in do_b2i_bio() 2016-08-16 00:27:10 +01:00
perlasm crypto/x86[_64]cpuid.pl: add OPENSSL_ia32_rd[rand|seed]_bytes. 2016-07-15 13:20:52 +02:00
pkcs7 Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
pkcs12 Sanity check input length in OPENSSL_uni2asc(). 2016-08-05 18:58:56 +01:00
poly1305 spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
rand spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
rc2 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
rc4 spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
rc5 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
ripemd Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
rsa Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
seed Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
sha sha/asm/sha1-x86_64.pl: fix crash in SHAEXT code on Windows. 2016-08-11 13:39:57 +02:00
srp check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
stack Add some const casts 2016-08-10 09:53:58 -04:00
ts Limit status message sisze in ts_get_status_check 2016-08-04 17:34:28 +01:00
txt_db Rename lh_xxx,sk_xxx tp OPENSSL_{LH,SK}_xxx 2016-05-20 10:48:29 -04:00
ui crypto/ui/ui_openssl.c: let new-line through after query in Windows path. 2016-08-11 14:36:54 +02:00
whrlpool Convert memset calls to OPENSSL_cleanse 2016-06-30 15:51:57 +01:00
x509 spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
x509v3 Fix irregularities in GENERAL_NAME_print(). 2016-08-05 21:36:42 -04:00
alphacpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm64cpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm_arch.h Copyright consolidation 07/10 2016-05-17 14:51:26 -04:00
armcap.c Copyright consolidation 07/10 2016-05-17 14:51:26 -04:00
armv4cpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
build.info Move OS-specific fopen quirks to o_fopen.c. 2016-06-22 21:51:53 +02:00
c64xpluscpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
cpt_err.c Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
cryptlib.c crypto/cryptlib.c: omit OPENSSL_ia32cap_loc(). 2016-06-22 20:20:37 +02:00
cversion.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
dllmain.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
ebcdic.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
ex_data.c Const the ex data stuff too to fix warnings 2016-08-01 16:13:27 +02:00
ia64cpuid.S Add final(?) set of copyrights. 2016-06-01 11:27:25 -04:00
init.c Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
LPdir_nyi.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_unix.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_vms.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
LPdir_win.c Fix mingw build 2016-07-18 10:47:07 +01:00
LPdir_win32.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_wince.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
mem.c Convert memset calls to OPENSSL_cleanse 2016-06-30 15:51:57 +01:00
mem_clr.c Fix some style issues... 2016-08-02 09:59:23 +02:00
mem_dbg.c fix crypto-mdebug build 2016-07-20 12:41:31 +01:00
mem_sec.c Copyright consolidation 06/10 2016-05-17 14:51:04 -04:00
o_dir.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
o_fips.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
o_fopen.c Fix a few if(, for(, while( inside code. 2016-07-20 07:21:53 -04:00
o_init.c Copyright consolidation 08/10 2016-05-17 14:51:34 -04:00
o_str.c buf2hexstr: properly deal with empty string 2016-06-21 20:55:54 +02:00
o_time.c VSI submisson: make better use of item lists in o_time.c 2016-08-04 16:51:39 +02:00
pariscid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
ppc_arch.h GH919: Fix wrappers for two headers 2016-05-24 11:04:38 -04:00
ppccap.c Fix some style issues... 2016-08-02 09:59:23 +02:00
ppccpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
s390xcap.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
s390xcpuid.S s390x assembly pack: improve portability. 2016-06-06 11:08:04 +02:00
sparc_arch.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
sparccpuid.S spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
sparcv9cap.c crypto/sparcv9cap.c: add missing declaration. 2016-08-12 10:26:20 +02:00
threads_none.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
threads_pthread.c Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
threads_win.c include/openssl: don't include <windows.h> in public headers. 2016-07-08 11:49:44 +02:00
uid.c Copyright consolidation 07/10 2016-05-17 14:51:26 -04:00
vms_rms.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x86_64cpuid.pl crypto/x86[_64]cpuid.pl: add OPENSSL_ia32_rd[rand|seed]_bytes. 2016-07-15 13:20:52 +02:00
x86cpuid.pl crypto/x86[_64]cpuid.pl: add OPENSSL_ia32_rd[rand|seed]_bytes. 2016-07-15 13:20:52 +02:00