kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3c995f30e7
boringssl/crypto/asn1
History
Martin Kreichgauer 3c995f30e7 Fix overflow in c2i_ASN1_BIT_STRING. 
c2i_ASN1_BIT_STRING takes length as a long but uses it as an int. Check bounds
before doing so. Previously, excessively large inputs to the function could
write a single byte outside the target buffer. (This is unreachable as
asn1_ex_c2i already uses int for the length.)

Thanks to NCC for finding this issue.

Change-Id: I7ae42214ca620d4159fa01c942153717a7647c65
Reviewed-on: https://boringssl-review.googlesource.com/19204
Reviewed-by: Martin Kreichgauer <martinkr@google.com>
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-09-06 21:58:26 +00:00
..
a_bitstr.c Fix overflow in c2i_ASN1_BIT_STRING. 2017-09-06 21:58:26 +00:00
a_bool.c
a_d2i_fp.c Remove some dead code from crypto/asn1. 2017-06-09 19:58:38 +00:00
a_dup.c
a_enum.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
a_gentm.c Fix time offset calculation. 2017-05-03 16:23:16 +00:00
a_i2d_fp.c
a_int.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
a_mbstr.c
a_object.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
a_octet.c
a_print.c Remove some dead code from crypto/asn1. 2017-06-09 19:58:38 +00:00
a_strnid.c Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
a_time.c Fix potential memory leak in ASN1_TIME_to_generalizedtime() 2017-03-21 18:10:51 +00:00
a_type.c Fix ASN1_INTEGER handling. 2016-05-03 16:58:51 +00:00
a_utctm.c Fix time offset calculation. 2017-05-03 16:23:16 +00:00
a_utf8.c
asn1_lib.c Remove some dead code from crypto/asn1. 2017-06-09 19:58:38 +00:00
asn1_locl.h Fix miscellaneous clang-tidy warnings. 2017-08-01 20:39:46 +00:00
asn1_par.c Remove ASN1_parse and ASN1_parse_dump. 2016-06-14 17:39:17 +00:00
asn1_test.cc Convert asn1_test to GTest. 2017-03-21 14:31:01 +00:00
asn_pack.c
charmap.pl
CMakeLists.txt Remove some dead code from crypto/asn1. 2017-06-09 19:58:38 +00:00
f_enum.c Purge some a2i functions. 2016-08-16 19:38:31 +00:00
f_int.c Purge some a2i functions. 2016-08-16 19:38:31 +00:00
f_string.c Purge some a2i functions. 2016-08-16 19:38:31 +00:00
tasn_dec.c Fix mis-import of upstream cc598f321fbac9c04da5766243ed55d55948637d. 2017-02-17 01:21:29 +00:00
tasn_enc.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
tasn_fre.c
tasn_new.c Fix various malloc failure checks. 2017-02-17 01:11:21 +00:00
tasn_typ.c Remove spurious ';' and fix indentation for macro arguments in one file 2016-08-03 21:41:01 +00:00
tasn_utl.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
time_support.c Fix miscellaneous clang-tidy warnings. 2017-08-01 20:39:46 +00:00