kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
14b07a02a6
boringssl/crypto
History
Steven Valdez 14b07a02a6 Harden ASN.1 BIO handling of large amounts of data. 
If the ASN.1 BIO is presented with a large length field read it in
chunks of increasing size checking for EOF on each read. This prevents
small files allocating excessive amounts of data.

CVE-2016-2109

Thanks to Brian Carpenter for reporting this issue.

(Imported from upstream's f32774087f7b3db1f789688368d16d917757421e)

Change-Id: Id1b0d4436c4879d0ba7d3b7482b937cafffa28f7
Reviewed-on: https://boringssl-review.googlesource.com/7741
Reviewed-by: David Benjamin <davidben@google.com>
2016-04-26 17:06:16 +00:00
..
aes Switch all 'num' parameters in crypto/modes to unsigned. 2016-04-19 17:56:25 +00:00
asn1 Harden ASN.1 BIO handling of large amounts of data. 2016-04-26 17:06:16 +00:00
base64
bio
bn Make return value of |BN_MONT_CTX_set_locked| int. 2016-04-18 23:19:08 +00:00
buf
bytestring
chacha chacha/asm/chacha-armv8.pl: fix intermittent build failures. 2016-04-14 20:50:36 +00:00
cipher Switch all 'num' parameters in crypto/modes to unsigned. 2016-04-19 17:56:25 +00:00
cmac
conf
curve25519
des Use the straight-forward ROTATE macro. 2015-12-16 19:57:31 +00:00
dh Make return value of |BN_MONT_CTX_set_locked| int. 2016-04-18 23:19:08 +00:00
digest Make EVP_MD_CTX size functions return size_t. 2016-04-19 15:12:41 +00:00
dsa Make return value of |BN_MONT_CTX_set_locked| int. 2016-04-18 23:19:08 +00:00
ec Use different bit tricks to extend the LSB. 2016-04-25 23:05:20 +00:00
ecdh Clean up |ECDH_compute_key|. 2015-10-27 17:00:25 +00:00
ecdsa
engine
err
evp
hkdf
hmac Reimplement PKCS#12 key derivation. 2016-04-19 18:16:38 +00:00
lhash
md4
md5
modes Switch all 'num' parameters in crypto/modes to unsigned. 2016-04-19 17:56:25 +00:00
obj Fix build. 2016-04-26 15:53:09 +00:00
pem
perlasm
pkcs8 Add standalone PKCS#8 and SPKI fuzzers. 2016-04-25 21:57:28 +00:00
poly1305
rand
rc4 Remove RC4_options from rc4-586.pl. 2016-04-22 21:14:11 +00:00
rsa Require the public exponent to be available in RSA blinding. 2016-04-18 23:34:46 +00:00
sha
stack
test
x509
x509v3
CMakeLists.txt Add standalone PKCS#8 and SPKI fuzzers. 2016-04-25 21:57:28 +00:00
constant_time_test.c
cpu-aarch64-linux.c
cpu-arm-linux.c
cpu-arm.c
cpu-intel.c
crypto.c
directory_posix.c
directory_win.c
directory.h
ex_data.c
internal.h Replace CRYPTO_once_t on Windows with INIT_ONCE. 2016-04-19 21:34:20 +00:00
mem.c Fix some indentation. 2016-01-28 00:51:45 +00:00
refcount_c11.c
refcount_lock.c
refcount_test.c
thread_none.c
thread_pthread.c
thread_test.c Use nanosleep instead of usleep. 2016-04-19 21:54:26 +00:00
thread_win.c Replace CRYPTO_once_t on Windows with INIT_ONCE. 2016-04-19 21:34:20 +00:00
thread.c
time_support.c