kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
074cc04022
boringssl/crypto
History
David Benjamin 074cc04022 Reject negative shifts for BN_rshift and BN_lshift. 
The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.

Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.

(Imported from upstream's 7cc18d8158b5fc2676393d99b51c30c135502107.)

Change-Id: Ib9f5e410a46df3d7f02a61374807fba209612bd3
Reviewed-on: https://boringssl-review.googlesource.com/4892
Reviewed-by: Adam Langley <agl@google.com>
2015-05-27 21:59:35 +00:00
..
aes aes/asm/bsaes-armv7.pl: fix compilation with Xcode 6.3. 2015-05-27 21:58:27 +00:00
asn1 Convert reference counts in crypto/ 2015-05-20 19:15:26 +00:00
base64 Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
bio Fix some malloc test crashs. 2015-05-21 18:00:10 +00:00
bn Reject negative shifts for BN_rshift and BN_lshift. 2015-05-27 21:59:35 +00:00
buf
bytestring Fix some malloc test crashs. 2015-05-21 18:00:10 +00:00
chacha
cipher Fix some malloc test crashs. 2015-05-21 18:00:10 +00:00
cmac Add support for CMAC (RFC 4493). 2015-05-07 21:13:41 +00:00
conf Add NCONF_load_bio. 2015-04-06 16:58:45 -07:00
des Implement |DES_ede2_cbc_encrypt|. 2015-05-20 18:36:01 +00:00
dh Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
digest Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
dsa Fix some malloc test crashs. 2015-05-21 18:00:10 +00:00
ec Fix some malloc test crashs. 2015-05-21 18:00:10 +00:00
ecdh
ecdsa Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
engine
err Reject negative shifts for BN_rshift and BN_lshift. 2015-05-27 21:59:35 +00:00
evp Do-nothing fns |OpenSSL_add_all_ciphers| and |OpenSSL_add_all_digests|. 2015-05-21 21:07:48 +00:00
hkdf Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
hmac Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
lhash Fix some malloc test crashs. 2015-05-21 18:00:10 +00:00
md4 Eliminate unnecessary includes from low-level crypto modules. 2015-04-13 20:49:18 +00:00
md5
modes Add some comments and tweak assertions for cbc.c. 2015-05-27 21:48:36 +00:00
obj Remove fake RLE compression OID. 2015-05-27 21:49:39 +00:00
pem Eliminate unnecessary includes from low-level crypto modules. 2015-04-13 20:49:18 +00:00
perlasm Add assembly support for 32-bit iOS. 2015-05-04 22:44:24 +00:00
pkcs8 Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
poly1305 Fix ARM Clang build. 2015-05-05 00:24:59 +00:00
rand Don't use uninitialized memory in RAND_bytes. 2015-05-15 20:31:27 +00:00
rc4 Mind the end of the buffer in aligned case of generic RC4 implementation. 2015-05-12 19:31:09 +00:00
rsa Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
sha Add assembly support for 32-bit iOS. 2015-05-04 22:44:24 +00:00
stack Remove unnecessary NULL checks, part 4. 2015-05-04 23:13:12 +00:00
test Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
x509 Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
x509v3 Add OPENSSL_PUT_ERROR line to X509V3_parse_list. 2015-05-27 21:56:16 +00:00
arm_arch.h
CMakeLists.txt Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
constant_time_test.c
cpu-arm-asm.S
cpu-arm.c Support Trusty, an embedded platform. 2015-05-08 18:34:55 +00:00
cpu-intel.c Eliminate unnecessary includes from low-level crypto modules. 2015-04-13 20:49:18 +00:00
cpu-x86_64-asm.pl
cpu-x86-asm.pl
crypto.c Fix |SSLeay|. 2015-05-20 17:44:44 +00:00
directory_posix.c Eliminate unnecessary includes from low-level crypto modules. 2015-04-13 20:49:18 +00:00
directory_win.c Eliminate unnecessary includes from low-level crypto modules. 2015-04-13 20:49:18 +00:00
directory.h
ex_data.c Remove unnecessary NULL checks, part 3. 2015-05-04 23:12:04 +00:00
header_removed.h
internal.h Have consumers supply OPENSSL_C11_ATOMIC. 2015-05-27 19:21:59 +00:00
mem.c Lowercase some Windows headers. 2015-03-31 22:21:42 +00:00
refcount_c11.c Cast refcounts to _Atomic before use. 2015-05-20 13:39:22 -07:00
refcount_lock.c Add infrastructure for reference counts. 2015-05-20 19:14:59 +00:00
refcount_test.c Specify argc and argv arguments to refcount_test:main. 2015-05-20 13:49:41 -07:00
thread_none.c Support Trusty, an embedded platform. 2015-05-08 18:34:55 +00:00
thread_pthread.c Support Trusty, an embedded platform. 2015-05-08 18:34:55 +00:00
thread_test.c Support Trusty, an embedded platform. 2015-05-08 18:34:55 +00:00
thread_win.c Support Trusty, an embedded platform. 2015-05-08 18:34:55 +00:00
thread.c Remove leftovers of the old-style locks. 2015-05-20 19:18:44 +00:00
time_support.c Eliminate unnecessary includes from low-level crypto modules. 2015-04-13 20:49:18 +00:00