| Age | Commit message (Collapse) | Author |
|---|
|
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
CVE-2015-1788
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 4924b37ee01f71ae19c94a8934b80eeb2f677932)
|
|
A BIGNUM can have the value of -0. The function BN_bn2hex fails to account
for this and can allocate a buffer one byte too short in the event of -0
being used, leading to a one byte buffer overrun. All usage within the
OpenSSL library is considered safe. Any security risk is considered
negligible.
With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and
Filip Palian for discovering and reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit c56353071d9849220714d8a556806703771b9269)
Conflicts:
crypto/bn/bn_print.c
|
|
RT#3859
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 60c268b21ac81cc6b1af5c5470282a613b96f6fd)
|
|
bn_get_bits5 was overstepping array boundary by 1 byte. It was exclusively
read overstep and data could not have been used. The only potential problem
would be if array happens to end on the very edge of last accesible page.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 69567687b0b7ed67831c17a010f4d46dfd059aef)
|
|
RT#3852
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 86e5d1e32b2d702a5fc777e612cd746e790098ef)
|
|
BLKINIT optimization worked on T4, but for some reason appears "too
aggressive" for T3 triggering intermiitent EC failures. It's not clear
why only EC is affected...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 579734ced696125c0768a2f4e56e97939b0e6e49)
|
|
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 0f539dc1a2f45580435c39dada44dd276e79cb88)
Conflicts:
Makefile.org
apps/Makefile
test/Makefile
|
|
If BN_rand is called with |bits| set to 1 and |top| set to 1 then a 1 byte
buffer overflow can occur. There are no such instances within the OpenSSL at
the moment.
Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke, Filip Palian for
discovering and reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.
Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 7cc18d8158b5fc2676393d99b51c30c135502107)
Conflicts:
crypto/bn/bn.h
crypto/bn/bn_err.c
|
|
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Matt Caswell <gitlab@openssl.org>
|
|
Ensure all calls to RAND_bytes and RAND_pseudo_bytes have their return
value checked correctly
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
In the event of an error |rr| could be NULL. Therefore don't assume you can
use |rr| in the error handling code.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 8c5a7b33c6269c3bd6bc0df6b4c22e4fba03b485)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
This should be a one off operation (subsequent invokation of the
script should not move them)
This commit is for the 1.0.2 changes
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/dsa/dsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl_locl.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.
Conflicts:
crypto/bn/bn.h
crypto/ec/ec_lcl.h
crypto/rsa/rsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl.h
ssl/ssl3.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/bn/bntest.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
apps/ciphers.c
ssl/s3_pkt.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5)
Conflicts:
crypto/x509v3/pcy_tree.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
indent will not alter them when reformatting comments
(cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960)
Conflicts:
crypto/bn/bn_lcl.h
crypto/bn/bn_prime.c
crypto/engine/eng_all.c
crypto/rc4/rc4_utl.c
crypto/sha/sha.h
ssl/kssl.c
ssl/t1_lib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit b3d7294976c58e0e05d0ee44a0e7c9c3b8515e05)
|
|
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 56df92efb6893abe323307939425957ce878c8f0)
|
|
This reverts commit caeed719fe3fd619415755f245ab8a904978d99d.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 4fec91506975f62a2f93be71a46acc7fae7eef45)
|
|
This facilitates "universal" builds, ones that target multiple
architectures, e.g. ARMv5 through ARMv7. See commentary in
Configure for details.
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit c1669e1c205dc8e695fb0c10a655f434e758b9f7)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
master branch has a specific regression test for a bug in x86_64-mont5 code,
see commit cdfe0fdde6a966bdb0447de66aa04a85d99a0551.
This code is now in 1.0.2/1.0.1, so also backport the test.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Invalid zero-padding in the divisor could cause a division by 0.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
The temporary variable causes unused variable warnings in opt mode with clang,
because the subsequent assert is compiled out.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 8b07c005fe006044d0e4a795421447deca3c9f2c)
|
|
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit d475b2a3bfde8d4aceefb41b21acc3711893d2a8)
|
|
(cherry picked from commit 2b0180c37fa6ffc48ee40caa831ca398b828e680)
Reviewed-by: Ben Laurie <ben@openssl.org>
|
|
RT: 2835
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 15735e4f0e81d535cda0ad7ab52a0ed64b644cd0)
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.
This does have the impact of masking any *real* unitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
(cherry picked from commit 77747e2d9a5573b1dbc15e247ce18c03374c760c)
|
