openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity
openssl/crypto/evp
History
Matt Caswell e51dd6ee1b Fix BIO_f_cipher() flushing 
If an error occurs during a flush on a BIO_f_cipher() then in some cases
we could get into an infinite loop. We add a check to make sure we are
making progress during flush and exit if not.

This issue was reported by Octavio Galland who also demonstrated an
infinite loop in CMS encryption as a result of this bug.

The security team has assessed this issue as not a CVE. This occurs on
*encryption* only which is typically processing trusted data. We are not
aware of a way to trigger this with untrusted data.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19918)
 		2022-12-22 11:01:06 +01:00
..
asymcipher.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
bio_b64.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
bio_enc.c Fix BIO_f_cipher() flushing 2022-12-22 11:01:06 +01:00
bio_md.c evp: remove TODOs 2021-06-02 16:30:15 +10:00
bio_ok.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
build.info
c_allc.c Update copyright year 2022-05-03 13:34:51 +01:00
c_alld.c
cmeth_lib.c Fix EVP_MD_meth_dup and EVP_CIPHER_meth_dup 2021-07-28 09:36:54 +10:00
ctrl_params_translate.c rsa: Add option to disable implicit rejection 2022-12-12 11:30:52 +01:00
dh_ctrl.c
dh_support.c
digest.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
dsa_ctrl.c
e_aes.c crypto: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
e_aes_cbc_hmac_sha1.c Update copyright year 2022-05-03 13:34:51 +01:00
e_aes_cbc_hmac_sha256.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
e_aria.c crypto: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
e_bf.c Update copyright year 2021-06-17 13:24:59 +01:00
e_camellia.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
e_cast.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
e_chacha20_poly1305.c evp: Use functions instead of direct structure field references 2022-08-22 10:14:39 +02:00
e_des.c Fix Coverity 1201740 & 1201712: uninitialised values 2022-05-08 17:50:04 +10:00
e_des3.c Fix Coverity 1201740 & 1201712: uninitialised values 2022-05-08 17:50:04 +10:00
e_idea.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
e_null.c
e_old.c
e_rc2.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
e_rc4.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
e_rc4_hmac_md5.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
e_rc5.c Address coverity 1493382 argument cannot be negative 2021-11-08 08:55:32 +10:00
e_seed.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
e_sm4.c Update copyright year 2022-05-03 13:34:51 +01:00
e_xcbc_d.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
ec_ctrl.c
ec_support.c Update copyright year 2022-05-03 13:34:51 +01:00
encode.c
evp_cnf.c Don't try and load the config file while already loading the config file 2021-07-28 10:35:06 +10:00
evp_enc.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
evp_err.c
evp_fetch.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
evp_key.c Update copyright year 2021-06-17 13:24:59 +01:00
evp_lib.c Refine the documents of several APIs 2022-12-16 18:59:28 +01:00
evp_local.h Add HPKE DHKEM provider support for EC, X25519 and X448. 2022-09-23 09:24:47 +01:00
evp_pbe.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
evp_pkey.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
evp_rand.c rand: add set0 calls for the private and public DRBGs 2022-11-02 08:42:46 +11:00
evp_utils.c
exchange.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
kdf_lib.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
kdf_meth.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
kem.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
keymgmt_lib.c Propagate selection all the way on key export 2022-11-15 12:04:12 +01:00
keymgmt_meth.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
legacy_blake2.c
legacy_md2.c
legacy_md4.c
legacy_md5.c
legacy_md5_sha1.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
legacy_mdc2.c
legacy_meth.h Update copyright year 2021-06-17 13:24:59 +01:00
legacy_ripemd.c
legacy_sha.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
legacy_wp.c
m_null.c
m_sigver.c Update copyright year 2022-05-03 13:34:51 +01:00
mac_lib.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
mac_meth.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
names.c
p5_crpt.c Update copyright year 2021-06-17 13:24:59 +01:00
p5_crpt2.c Update copyright year 2022-05-03 13:34:51 +01:00
p_dec.c Fix possible null pointer dereference of evp_pkey_get_legacy() 2022-06-02 12:06:08 +02:00
p_enc.c Fix possible null pointer dereference of evp_pkey_get_legacy() 2022-06-02 12:06:08 +02:00
p_legacy.c Rename all getters to use get/get0 in name 2021-06-01 12:40:00 +02:00
p_lib.c Propagate selection all the way on key export 2022-11-15 12:04:12 +01:00
p_open.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
p_seal.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
p_sign.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
p_verify.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pbe_scrypt.c
pmeth_check.c Make EVP_PKEY_check() be an alias for EVP_PKEY_pairwise_check() 2021-07-15 10:54:25 +10:00
pmeth_gn.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
pmeth_lib.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
signature.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00