| Age | Commit message (Collapse) | Author |
|---|
|
Fix comment, add another overflow check, tidy style
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit de8883e11befde31d9b6cfbbd1fc017c365e0bbf)
|
|
BUF_strndup was calling strlen through BUF_strlcpy, and ended up reading
past the input if the input was not a C string.
Make it explicitly part of BUF_strndup's contract to never read more
than |siz| input bytes. This augments the standard strndup contract to
be safer.
The commit also adds a check for siz overflow and some brief documentation
for BUF_strndup().
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 110f7b37de9feecfb64950601cc7cec77cf6130b)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
BUF_MEM_free() attempts to cleanse memory using memset immediately prior
to a free. This is at risk of being optimised away by the compiler, so
replace with a call to OPENSSL_cleanse() instead.
With thanks to the Open Crypto Audit Project for reporting this issue.
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 0f539dc1a2f45580435c39dada44dd276e79cb88)
Conflicts:
Makefile.org
apps/Makefile
test/Makefile
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
(cherry picked from commit 415ece73015a0e24ea934ecfb857d022952bb65b)
|
|
|
|
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
|
|
This meant a slight renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable. However, since there's been no release on
this branch yet, it should be harmless.
|
|
|
|
0.9.8 branch).
|
|
|
|
|
|
|
|
|
|
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
|
|
|
|
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
|
|
|
|
|
|
|
|
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
|
|
corresponding headers are only required for API functions or structure
details. This now includes the bignum types and BUF_MEM. Subsequent commits
will remove various dependencies on bn.h and buffer.h and update the
makefile dependencies.
|
|
|
|
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
|
|
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
|
|
that uses them that I'll commit in a few days.
|
|
|
|
|
|
|
|
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
|
|
handled properly.
Part of PR 75
|
|
|
|
perl util/mkerr.pl -recurse -write -rebuild
|
|
had to be allocated, not just when reusing the existing buffer.
|
|
|
|
|
|
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
|
|
and make all files the depend on it include it without prefixing it
with openssl/.
This means that all Makefiles will have $(TOP) as one of the include
directories.
|
|
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
|
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
|
|
|
|
Also, "make update" has added some missing functions to libeay.num,
updated the TABLE for the alpha changes, and updated thousands of
dependancies that have changed from recent commits.
|
|
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages. That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.
This change includes all the name changes needed throughout all C files.
|
