Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 10 5月, 2016 3 次提交
  3. 09 5月, 2016 3 次提交
  5. 08 5月, 2016 1 次提交
  7. 07 5月, 2016 3 次提交
  9. 06 5月, 2016 7 次提交
  11. 05 5月, 2016 3 次提交
  13. 04 5月, 2016 8 次提交
  15. 03 5月, 2016 11 次提交
    • V
      Drop duplicate ctx->verify_cb assignment · 7b7eb472
      Viktor Dukhovni 提交于 
      The right variant is ~18 lines below.
Reviewed-by: NMatt Caswell <matt@openssl.org>
      7b7eb472
    • K
      Check that we have enough padding characters. · 70428ead
      Kurt Roeckx 提交于 
      Reviewed-by: NEmilia Käsper <emilia@openssl.org>

CVE-2016-2107

MR: #2572
      70428ead
    • D
      Fix ASN1_INTEGER handling. · d7ab691b
      Dr. Stephen Henson 提交于 
      Only treat an ASN1_ANY type as an integer if it has the V_ASN1_INTEGER
tag: V_ASN1_NEG_INTEGER is an internal only value which is never used
for on the wire encoding.

Thanks to David Benjamin <davidben@google.com> for reporting this bug.

This was found using libFuzzer.

RT#4364 (part)CVE-2016-2108.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      d7ab691b
    • M
      Ensure EVP_EncodeUpdate handles an output length that is too long · 2bd5d70c
      Matt Caswell 提交于 
      With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. The function writes the
amount actually used to |*outl|. However this could go negative with a
sufficiently large value for |inl|. We add a check for this error
condition.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
      2bd5d70c
    • M
      Avoid overflow in EVP_EncodeUpdate · ee1e3cac
      Matt Caswell 提交于 
      An overflow can occur in the EVP_EncodeUpdate function which is used for
Base64 encoding of binary data. If an attacker is able to supply very large
amounts of input data then a length check can overflow resulting in a heap
corruption. Due to the very large amounts of data involved this will most
likely result in a crash.

Internally to OpenSSL the EVP_EncodeUpdate function is primarly used by the
PEM_write_bio* family of functions. These are mainly used within the
OpenSSL command line applications, so any application which processes
data from an untrusted source and outputs it as a PEM file should be
considered vulnerable to this issue.

User applications that call these APIs directly with large amounts of
untrusted data may also be vulnerable.

Issue reported by Guido Vranken.

CVE-2016-2105
Reviewed-by: NRichard Levitte <levitte@openssl.org>
      ee1e3cac
    • D
      Properly own the duplicated string · b7b8e948
      Dmitry-Me 提交于 
      Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
      b7b8e948
    • D
      Improve comment · 399de496
      Dmitry-Me 提交于 
      Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
      399de496
    • M
      Prevent EBCDIC overread for very long strings · ea96ad5a
      Matt Caswell 提交于 
      ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.

Issue reported by Guido Vranken.

CVE-2016-2176
Reviewed-by: NAndy Polyakov <appro@openssl.org>
      ea96ad5a
    • M
      Fix encrypt overflow · 3f358213
      Matt Caswell 提交于 
      An overflow can occur in the EVP_EncryptUpdate function. If an attacker is
able to supply very large amounts of input data after a previous call to
EVP_EncryptUpdate with a partial block then a length check can overflow
resulting in a heap corruption.

Following an analysis of all OpenSSL internal usage of the
EVP_EncryptUpdate function all usage is one of two forms.

The first form is like this:
EVP_EncryptInit()
EVP_EncryptUpdate()

i.e. where the EVP_EncryptUpdate() call is known to be the first called
function after an EVP_EncryptInit(), and therefore that specific call
must be safe.

The second form is where the length passed to EVP_EncryptUpdate() can be
seen from the code to be some small value and therefore there is no
possibility of an overflow.

Since all instances are one of these two forms, I believe that there can
be no overflows in internal code due to this problem.

It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate()
in certain code paths. Also EVP_CipherUpdate() is a synonym for
EVP_EncryptUpdate(). Therefore I have checked all instances of these
calls too, and came to the same conclusion, i.e. there are no instances
in internal usage where an overflow could occur.

This could still represent a security issue for end user code that calls
this function directly.

CVE-2016-2106

Issue reported by Guido Vranken.
Reviewed-by: NTim Hudson <tjh@openssl.org>
      3f358213
    • D
      Fix i2d_X509_AUX: pp can be NULL. · 05aef4bb
      Dr. Stephen Henson 提交于 
      Reported by David Benjamin
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      05aef4bb
    • T
      Secure memory fixes · e8408681
      Todd Short 提交于 
      Fix some of the variables to be (s)size_t, so that more than 1GB of
secure memory can be allocated. The arena has to be a power of 2, and
2GB fails because it ends up being a negative 32-bit signed number.

The |too_late| flag is not strictly necessary; it is easy to figure
out if something is secure memory by looking at the arena. As before,
secure memory allocations will not fail, but now they can be freed
correctly. Once initialized, secure memory can still be used, even if
allocations occured before initialization.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
      e8408681
  17. 02 5月, 2016 1 次提交