kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7a8e62dbd9
boringssl/crypto
History
David Benjamin 7a8e62dbd9 Fix ASN1_TYPE_cmp 
Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This
can be triggered during certificate verification so could be a DoS attack
against a client or a server enabling client authentication.

CVE-2015-0286

(Imported from upstream's e677e8d13595f7b3287f8feef7676feb301b0e8a.)

Change-Id: I5faefc190568504bb5895ed9816a6d80432cfa45
Reviewed-on: https://boringssl-review.googlesource.com/4048
Reviewed-by: Adam Langley <agl@google.com>
2015-03-19 19:48:41 +00:00
..
aes Fix undefined behavior in shifts. 2015-03-19 11:33:46 +00:00
asn1 Fix ASN1_TYPE_cmp 2015-03-19 19:48:41 +00:00
base64 Remove string.h from base.h. 2015-02-02 19:14:15 +00:00
bio Use TCP sockets rather than socketpairs in the SSL tests. 2015-02-23 19:59:06 +00:00
bn Avoid undefined behavior in probable_prime. 2015-03-19 11:36:49 +00:00
buf Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
bytestring Add in missing curly braces part 1. 2015-02-11 19:31:01 +00:00
chacha Switch nonce type in chacha_vec.c to uint32_t. 2015-02-13 13:16:59 -08:00
cipher Add AEADs for AES-CTR with HMAC-SHA256. 2015-03-18 21:16:55 +00:00
conf Add in missing curly braces part 1. 2015-02-11 19:31:01 +00:00
des Add support for 3DES ECB. 2015-03-18 19:55:14 +00:00
dh Add in missing curly braces part 1. 2015-02-11 19:31:01 +00:00
digest Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
dsa Add in missing curly braces part 1. 2015-02-11 19:31:01 +00:00
ec Remove pointless free, and use preferred way of calling d2i_* functions 2015-02-27 19:47:36 +00:00
ecdh Add in missing curly braces part 2. 2015-02-11 23:14:04 +00:00
ecdsa Add in missing curly braces part 2. 2015-02-11 23:14:04 +00:00
engine Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
err Add AEADs for AES-CTR with HMAC-SHA256. 2015-03-18 21:16:55 +00:00
evp Use EC_KEY_new_by_curve_name. 2015-03-13 19:49:39 +00:00
hkdf Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
hmac Forbid reusing HMAC key without reusing the hash function. 2015-03-02 23:16:12 +00:00
lhash Remove more bits of ERR_STRING_DATA. 2015-02-10 02:10:46 +00:00
md4 Remove string.h from base.h. 2015-02-02 19:14:15 +00:00
md5 Remove explicit .hiddens from x86_64 perlasm files. 2015-02-25 21:26:16 +00:00
modes ARMv4 assembly pack: add Cortex-A15 performance data. 2015-03-10 02:32:05 +00:00
obj Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
pem Precompute sorted array for error strings. 2015-02-09 17:35:31 -08:00
perlasm Remove Unused SPARC & PowerPC perlasm scripts. 2015-03-14 00:16:55 +00:00
pkcs8 Add in missing curly braces part 3. 2015-02-11 15:14:46 -08:00
poly1305 Add in missing curly braces part 3. 2015-02-11 15:14:46 -08:00
rand Add in missing curly braces part 3. 2015-02-11 15:14:46 -08:00
rc4 Remove explicit .hiddens from x86_64 perlasm files. 2015-02-25 21:26:16 +00:00
rsa Remove remaining remnants of RIPEMD-160 support. 2015-03-17 21:03:42 +00:00
sha ARMv4 assembly pack: add Cortex-A15 performance data. 2015-03-10 02:32:05 +00:00
stack Add sk_deep_copy and its macro. 2015-02-13 10:59:10 -08:00
x509 Fix seg fault in ASN1_generate_v3/ASN1_generate_nconf 2015-03-19 11:08:50 +00:00
x509v3 Fix more missing error checks in v3_cpols.c 2015-03-19 19:41:28 +00:00
arm_arch.h aarch64 support. 2015-01-14 23:38:11 +00:00
CMakeLists.txt Find perl using the CMake's standard FindPerl module. 2015-02-23 19:59:48 +00:00
constant_time_test.c Update constant-time operations. 2014-11-10 13:48:30 -08:00
cpu-arm-asm.S Don't probe for NEON with SIGILL on aarch64. 2015-02-03 19:56:25 +00:00
cpu-arm.c Don't install SIGILL handler until after sigsetjmp. 2015-03-19 11:53:07 +00:00
cpu-intel.c Remove string.h from base.h. 2015-02-02 19:14:15 +00:00
cpu-x86_64-asm.pl Remove explicit .hiddens from x86_64 perlasm files. 2015-02-25 21:26:16 +00:00
cpu-x86-asm.pl Never set RC4_CHAR. 2015-02-20 23:59:59 +00:00
crypto_error.h
crypto.c aarch64 support. 2015-01-14 23:38:11 +00:00
directory_posix.c Remove string.h from base.h. 2015-02-02 19:14:15 +00:00
directory_win.c Remove string.h from base.h. 2015-02-02 19:14:15 +00:00
directory.h Add visibility rules. 2014-07-31 22:03:11 +00:00
ex_data_impl.c Free more memory in cleanup functions. 2015-01-13 00:04:35 +00:00
ex_data.c Don't compare signed vs. unsigned. 2014-10-01 02:17:38 +00:00
header_removed.h
internal.h aarch64 support. 2015-01-14 23:38:11 +00:00
mem.c Enable more warnings & treat warnings as errors on Windows. 2015-01-31 00:18:55 +00:00
thread.c Fix duplicate lock IDs & simplify lock ID maintenance. 2015-03-17 23:58:20 +00:00
time_support.c Add in missing curly braces part 3. 2015-02-11 15:14:46 -08:00