zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssl/ssl
History
Bernd Edlinger bc0773bbbd Fix a possible use-after-free in custom_exts_free 
This may happen when ssl_cert_dup calls custom_exts_copy, where
a possible memory allocation error causes custom_exts_free
to be called twice: once in the error handling of custom_exts_copy
and a second time in the error handling of ssl_cert_dup.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)
2023-11-22 09:34:55 +01:00
..
quic
Correct tag len check when determining how much space we have in the pkt
2023-11-15 11:06:52 +01:00
record
Make sure we remember how much data we sent in the event of a retry
2023-10-24 17:37:19 +01:00
statem
Fix a possible use-after-free in custom_exts_free
2023-11-22 09:34:55 +01:00
bio_ssl.c
Copyright year updates
2023-09-07 09:59:15 +01:00
build.info
Revise build.info
2023-03-30 11:14:17 +01:00
d1_lib.c
Move freeing of an old record layer to dtls1_clear_sent_buffer
2023-11-21 13:09:28 +01:00
d1_msg.c
Copyright year updates
2023-09-07 09:59:15 +01:00
d1_srtp.c
Copyright year updates
2023-09-07 09:59:15 +01:00
event_queue.c
Remove a spurious inclusion of the sparse array header file
2023-09-25 07:45:32 +10:00
methods.c
Update some inclusions of <openssl/macros.h>
2019-11-07 11:37:25 +01:00
pqueue.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
priority_queue.c
Fix bug in priority queue remove function
2023-11-08 11:09:12 +00:00
s3_enc.c
Copyright year updates
2023-09-07 09:59:15 +01:00
s3_lib.c
Fix a possible memory leak of ssl->s3.tmp.psk
2023-11-09 17:33:55 +01:00
s3_msg.c
Resolve a TODO in ssl3_dispatch_alert
2022-11-14 10:14:41 +01:00
ssl_asn1.c
RFC7250 (RPK) support
2023-03-28 13:49:54 -04:00
ssl_cert_comp.c
Copyright year updates
2023-09-07 09:59:15 +01:00
ssl_cert_table.h
Copyright year updates
2023-09-07 09:59:15 +01:00
ssl_cert.c
tls: update to structure based atomics
2023-07-01 21:18:25 +10:00
ssl_ciph.c
Fix a possible memory leak in load_builtin_compressions
2023-11-02 08:17:08 +00:00
ssl_conf.c
"foo * bar" should be "foo *bar"
2023-09-11 10:15:30 +02:00
ssl_err_legacy.c
Update copyright year
2021-06-17 13:24:59 +01:00
ssl_err.c
QUIC APL: Implement backpressure on stream creation
2023-08-25 15:10:43 +02:00
ssl_init.c
Copyright year updates
2023-09-28 14:23:29 +01:00
ssl_lib.c
Fix a possible memory leak in dane_tlsa_add
2023-11-22 09:18:21 +01:00
ssl_local.h
Fix the SSL_CIPHER_find() function when used with a QCSO
2023-09-12 15:29:00 +02:00
ssl_mcnf.c
SSL: refactor all SSLfatal() calls
2020-11-11 12:12:23 +01:00
ssl_rsa_legacy.c
Deprecate RSA harder
2020-11-18 23:38:34 +01:00
ssl_rsa.c
Copyright year updates
2023-09-07 09:59:15 +01:00
ssl_sess.c
fix memory allocation and reference counting issues
2023-07-05 08:34:00 +10:00
ssl_stat.c
Add support for compressed certificates (RFC8879)
2022-10-18 09:30:22 -04:00
ssl_txt.c
Cast values to match printf format strings.
2022-11-14 07:47:53 +00:00
ssl_utst.c
Remove the old buffer management code
2022-10-20 14:39:33 +01:00
sslerr.h
Provide better errors for some QUIC failures
2023-03-20 09:35:38 +11:00
t1_enc.c
Accept longer context for TLS 1.2 exporters
2023-10-26 15:47:15 +01:00
t1_lib.c
Minor fixes
2023-07-05 09:03:04 +10:00
t1_trce.c
Fix an SSL_trace bug
2023-05-24 12:18:33 +01:00
tls13_enc.c
Copyright year updates
2023-09-07 09:59:15 +01:00
tls_depr.c
SSL object refactoring using SSL_CONNECTION object
2022-07-28 10:04:28 +01:00
tls_srp.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00