1. 26 5月, 2023 1 次提交
  2. 12 4月, 2023 2 次提交
  3. 10 8月, 2021 1 次提交
  4. 27 2月, 2020 1 次提交
  5. 03 4月, 2018 1 次提交
  6. 20 3月, 2018 1 次提交
  7. 28 2月, 2018 1 次提交
    • D
      bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data · d070b4ae
      Dr. Matthias St. Pierre 提交于
      Fixes #5405, #1381
      
      The base64 filter BIO reads its input in chunks of B64_BLOCK_SIZE bytes.
      When processing input in PEM format it can happen in rare cases that
      
      - the trailing PEM marker crosses the boundary of a chunk, and
      - the beginning of the following chunk contains valid base64 encoded data.
      
      This happened in issue #5405, where the PEM marker was split into
      "-----END CER" and "TIFICATE-----" at the end of the first chunk.
      
      The decoding of the first chunk terminated correctly at the '-' character,
      which is treated as an EOF marker, and b64_read() returned. However,
      when called the second time, b64_read() read the next chunk and interpreted
      the string "TIFICATE" as valid base64 encoded data, adding 6 extra bytes
      '4c 81 48 08 04 c4'.
      
      This patch restores the assignment of the error code to 'ctx->cont', which
      was deleted accidentally in commit 5562cfac and which prevents b64_read()
      from reading additional data on subsequent calls.
      
      This issue was observed and reported by Annie Yousar.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/5422)
      d070b4ae
  8. 16 12月, 2017 1 次提交
  9. 10 12月, 2017 1 次提交
  10. 18 10月, 2017 1 次提交
  11. 01 3月, 2017 1 次提交
  12. 28 10月, 2016 2 次提交
  13. 16 6月, 2016 1 次提交
  14. 18 5月, 2016 1 次提交
  15. 09 5月, 2016 2 次提交
  16. 30 3月, 2016 1 次提交
  17. 22 3月, 2016 1 次提交
  18. 27 1月, 2016 1 次提交
    • R
      Remove /* foo.c */ comments · 34980760
      Rich Salz 提交于
      This was done by the following
              find . -name '*.[ch]' | /tmp/pl
      where /tmp/pl is the following three-line script:
              print unless $. == 1 && m@/\* .*\.[ch] \*/@;
              close ARGV if eof; # Close file to reset $.
      
      And then some hand-editing of other files.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      34980760
  19. 11 12月, 2015 1 次提交
  20. 04 9月, 2015 1 次提交
  21. 14 5月, 2015 1 次提交
  22. 05 5月, 2015 1 次提交
    • R
      Use safer sizeof variant in malloc · b4faea50
      Rich Salz 提交于
      For a local variable:
              TYPE *p;
      Allocations like this are "risky":
              p = OPENSSL_malloc(sizeof(TYPE));
      if the type of p changes, and the malloc call isn't updated, you
      could get memory corruption.  Instead do this:
              p = OPENSSL_malloc(sizeof(*p));
      Also fixed a few memset() calls that I noticed while doing this.
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      b4faea50
  23. 29 4月, 2015 1 次提交
  24. 03 2月, 2015 1 次提交
  25. 22 1月, 2015 1 次提交
  26. 06 5月, 2014 1 次提交
  27. 03 4月, 2014 1 次提交
    • E
      Fix base64 decoding bug. · 10378fb5
      Eric Young 提交于
      A short PEM encoded sequence if passed to the BIO, and the file
      had 2 \n following would fail.
      
      PR#3289
      10378fb5
  28. 27 5月, 2010 1 次提交
    • D
      PR: 2258 · cb877ccb
      Dr. Stephen Henson 提交于
      Submitted By: Ger Hobbelt <ger@hobbelt.com>
      
      Base64 BIO fixes:
      
      Use OPENSSL_assert() instead of assert().
      Use memmove() as buffers overlap.
      Fix write retry logic.
      cb877ccb
  29. 30 10月, 2003 1 次提交
    • G
      A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. · 27545970
      Geoff Thorpe 提交于
      I have tried to convert 'len' type variable declarations to unsigned as a
      means to address these warnings when appropriate, but when in doubt I have
      used casts in the comparisons instead. The better solution (that would get
      us all lynched by API users) would be to go through and convert all the
      function prototypes and structure definitions to use unsigned variables
      except when signed is necessary. The proliferation of (signed) "int" for
      strictly non-negative uses is unfortunate.
      27545970
  30. 22 2月, 2003 1 次提交
  31. 20 2月, 2003 1 次提交
  32. 13 11月, 2002 1 次提交
  33. 12 10月, 2001 1 次提交
  34. 27 7月, 2000 1 次提交
  35. 21 6月, 2000 1 次提交
    • D
      · 13083215
      Dr. Stephen Henson 提交于
      Fixes for Win32 build.
      
      This is mostly a work around for the old VC++ problem
      that it treats func() as func(void).
      
      Various prototypes had been added to 'compare' function
      pointers that triggered this. This could be fixed by removing
      the prototype, adding function pointer casts to every call or
      changing the passed function to use the expected arguments.
      I mostly did the latter.
      
      The mkdef.pl script was modified to remove the typesafe
      functions which no longer exist.
      
      Oh and some functions called OPENSSL_freeLibrary() were
      changed back to FreeLibrary(), wonder how that happened :-)
      13083215
  36. 02 6月, 2000 1 次提交
    • R
      There have been a number of complaints from a number of sources that names · 26a3a48d
      Richard Levitte 提交于
      like Malloc, Realloc and especially Free conflict with already existing names
      on some operating systems or other packages.  That is reason enough to change
      the names of the OpenSSL memory allocation macros to something that has a
      better chance of being unique, like prepending them with OPENSSL_.
      
      This change includes all the name changes needed throughout all C files.
      26a3a48d
  37. 16 5月, 2000 1 次提交