openssl/apps
Neil Horman a552c23c65 Harden asn1 oid loader to invalid inputs
In the event that a config file contains this sequence:
=======
openssl_conf = openssl_init

config_diagnostics = 1

[openssl_init]
oid_section = oids

[oids]
testoid1 = 1.2.3.4.1
testoid2 = A Very Long OID Name, 1.2.3.4.2
testoid3 = ,1.2.3.4.3
======

The leading comma in testoid3 can cause a heap buffer overflow, as the
parsing code will move the string pointer back 1 character, thereby
pointing to an invalid memory space.

Correct the parser to detect this condition and handle it by treating it
as if the comma doesn't exist (i.e. an empty long oid name).

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22957)
2023-12-13 11:10:36 -05:00
demoSRP apps & al : Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:28 +11:00
include Add option `SSL_OP_PREFER_NO_DHE_KEX`, allowing the server to prefer non-dhe psk key exchange over psk with dhe (config file option `PreferNoDHEKEX`, server option `prefer_no_dhe_kex`). 2023-11-24 15:08:04 +00:00
lib Fix a possible memleak in opt_verify 2023-12-12 19:50:23 +01:00
CA.pl.in
asn1parse.c Harden asn1 oid loader to invalid inputs 2023-12-13 11:10:36 -05:00
build.info
ca-cert.srl
ca-key.pem
ca-req.pem
ca.c Copyright year updates 2023-09-07 09:59:15 +01:00
cert.pem
ciphers.c Check that sk_SSL_CIPHER_value returns non-NULL value. 2022-09-20 18:27:17 +02:00
client.pem
cmp.c CMP: fix OSSL_CMP_MSG_http_perform() by adding option OSSL_CMP_OPT_USE_TLS 2023-10-10 20:36:06 +02:00
cms.c Fix a possible memleak in cms_main 2023-12-12 19:45:09 +01:00
crl.c Update copyright year 2022-05-03 13:34:51 +01:00
crl2pkcs7.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
ct_log_list.cnf
dgst.c Fix some memory leaks in the openssl app 2023-09-21 14:39:36 +02:00
dhparam.c Copyright year updates 2023-09-28 14:23:29 +01:00
dsa-ca.pem
dsa-pca.pem
dsa.c Copyright year updates 2023-09-07 09:59:15 +01:00
dsa512.pem
dsa1024.pem
dsap.pem
dsaparam.c Fix some memory leaks in the openssl app 2023-09-21 14:39:36 +02:00
ec.c Copyright year updates 2023-09-07 09:59:15 +01:00
ecparam.c Support decode SM2 parameters 2022-08-23 11:08:11 +10:00
enc.c enc: "bad decrypt" only in decryption 2023-09-20 08:12:07 +10:00
engine.c apps & al : Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:28 +11:00
errstr.c Fix some invalid use of sscanf 2023-12-12 16:12:32 +00:00
fipsinstall.c Copyright year updates 2023-09-07 09:59:15 +01:00
gendsa.c Copyright year updates 2023-09-28 14:23:29 +01:00
genpkey.c adding -outpubkey option to genpkey 2023-09-24 20:51:42 +02:00
genrsa.c Copyright year updates 2023-09-28 14:23:29 +01:00
info.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
insta.ca.crt
kdf.c
list.c Make 'openssl list' less sensitive for providers without params 2023-12-04 15:12:34 +01:00
mac.c Always use FORMAT_BINARY for infile 2022-09-20 08:18:25 +01:00
nseq.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
ocsp.c Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-vms.cnf Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 2023-10-20 16:30:43 +01:00
openssl.c APPS: remove duplicate definition of `trace_data_stack` 2023-09-18 09:06:47 +10:00
openssl.cnf Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 2023-10-20 16:30:43 +01:00
passwd.c Update copyright year 2022-05-03 13:34:51 +01:00
pca-cert.srl
pca-key.pem
pca-req.pem
pkcs7.c Update copyright year 2022-05-03 13:34:51 +01:00
pkcs8.c Added a 'saltlen' option to the openssl pkcs8 command line app. 2023-09-04 14:15:34 +10:00
pkcs12.c pkcs12: Do not forcibly load the config file 2023-12-13 12:32:22 +01:00
pkey.c Copyright year updates 2023-09-07 09:59:15 +01:00
pkeyparam.c APPS: pkeyparam: Support setting properties 2022-08-17 09:20:41 +02:00
pkeyutl.c Copyright year updates 2023-09-07 09:59:15 +01:00
prime.c Update copyright year 2022-05-03 13:34:51 +01:00
privkey.pem
progs.pl Copyright year updates 2023-09-28 14:23:29 +01:00
rand.c Augment rand argument parsing to allow scaling 2023-11-13 12:21:34 +01:00
rehash.c Fix a possible memleak in apps/rehash.c 2023-12-12 19:48:50 +01:00
req.c Fix some memory leaks in the openssl app 2023-09-21 14:39:36 +02:00
req.pem
rsa.c Copyright year updates 2023-09-07 09:59:15 +01:00
rsa8192.pem
rsautl.c Copyright year updates 2023-09-07 09:59:15 +01:00
s512-key.pem
s512-req.pem
s1024key.pem
s1024req.pem
s_client.c Don't error if s_client receives exactly BUFSIZZ data 2023-11-01 10:20:19 +00:00
s_server.c Bad function definition 2023-09-11 10:15:30 +02:00
s_time.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
server.pem
server.srl
server2.pem
sess_id.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
smime.c Fix a possible memleak in smime_main 2023-12-12 19:47:07 +01:00
speed.c openssl-speed: support KMAC128 & KMAC256, refactor mac setup/teardown 2023-11-24 13:58:14 +01:00
spkac.c Copyright year updates 2023-09-07 09:59:15 +01:00
srp.c
storeutl.c Fix openssl storeutl to allow serial + issuer 2022-12-14 09:33:25 +01:00
testCA.pem
testdsa.h
testrsa.h
timeouts.h
ts.c Copyright year updates 2023-09-07 09:59:15 +01:00
tsget.in
verify.c apps & al : Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:28 +11:00
version.c APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 2021-12-07 15:26:40 +01:00
vms_decc_init.c
x509.c Copyright year updates 2023-09-07 09:59:15 +01:00