public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto
History
Stas Cymbalov 1b1d097d15 Fix data race in asn1_str2tag() on tntmp which was accidentally made static 
Variables tntmp and tnst are declared in the same declaration and thus
share storage class specifiers (static). This is unfortunate as tntmp is
used during iteration through tnst array and shouldn't be static.
In particular this leads to two problems that may arise when multiple
threads are executing asn1_str2tag() concurrently:
1. asn1_str2tag() might return value that doesn't correspond to tagstr
   parameter. This can happen if other thread modifies tntmp to point to
   a different tnst element right after a successful name check in the
   if statement.
2. asn1_str2tag() might perform an out-of-bounds read of tnst array.
   This can happen when multiple threads all first execute tntmp = tnst;
   line and then start executing the loop. If that case those threads
   can end up incrementing tntmp past the end of tnst array.

CLA: trivial

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26504)

(cherry picked from commit 7262c0bcc4)
2025-01-23 12:14:27 +01:00
..
aes Restore correct registers in aarch64 AES-CTR code 2025-01-21 10:56:27 +01:00
aria Change loops conditions to make zero loop risk more obvious. 2022-05-24 14:11:20 +10:00
asn1 Fix data race in asn1_str2tag() on tntmp which was accidentally made static 2025-01-23 12:14:27 +01:00
async Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
bf Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
bio Fix potential memory leak in BIO_get_accept_socket() 2025-01-02 14:07:32 +01:00
bn Fix timing side-channel in ECDSA signature computation 2025-01-20 09:37:18 +01:00
buffer Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
camellia Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
cast Copyright year updates 2023-09-07 09:59:15 +01:00
chacha LoongArch: we should access global symbol by la.global instead of 2025-01-14 12:03:22 +01:00
cmac Copyright year updates 2024-03-20 13:07:54 +01:00
cmp Fix potential memory leak in save_statusInfo() 2024-10-07 17:58:41 +02:00
cms Fix CMS encryption with key agreement when originator set 2025-01-06 11:45:45 +01:00
comp Copyright year updates 2023-09-07 09:59:15 +01:00
conf Copyright year updates 2024-09-03 14:44:27 +02:00
crmf Copyright year updates 2023-09-07 09:59:15 +01:00
ct Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
des Copyright year updates 2023-09-07 09:59:15 +01:00
dh Fix potential use-after-free in REF_PRINT_COUNT 2024-12-10 14:59:01 +01:00
dsa Fix potential use-after-free in REF_PRINT_COUNT 2024-12-10 14:59:01 +01:00
dso Fix potential use-after-free in REF_PRINT_COUNT 2024-12-10 14:59:01 +01:00
ec Fix timing side-channel in ECDSA signature computation 2025-01-20 09:37:18 +01:00
encode_decode Fix EVP_PKEY_print_private() so that it works with non default providers. 2024-11-29 17:11:50 +01:00
engine Copyright year updates 2024-09-03 14:44:27 +02:00
err Remove non-existing error code. 2025-01-15 16:23:22 +01:00
ess Copyright year updates 2024-06-04 14:50:58 +02:00
evp Check whether ctx->pctx != NULL 2024-12-17 14:54:30 +01:00
ffc DH_check_pub_key() should not fail when setting result code 2023-10-11 16:22:27 +02:00
hmac Adapt other parts of the source to the changed EVP_Q_digest() and EVP_Q_mac() 2021-06-23 23:00:36 +02:00
hpke Fix potential memory leak in OSSL_HPKE_CTX_new() 2024-10-30 12:00:39 +00:00
http Fix the use of OPENSSL_HTTP_PROXY / OPENSSL_HTTPS_PROXY 2025-01-09 12:04:13 +01:00
idea Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
kdf
lhash Copyright year updates 2024-03-20 13:07:54 +01:00
md2 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
md4 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
md5 md5: add assembly implementation for loongarch64 2023-12-27 10:15:29 +01:00
mdc2 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
modes fix small footprint builds on arm 2024-09-12 09:10:49 +10:00
objects Fix error handling in OBJ_add_object 2024-08-21 15:53:57 +02:00
ocsp Copyright year updates 2023-09-07 09:59:15 +01:00
pem Fix Edge Cases in Password Callback Handling 2024-09-09 09:01:06 +02:00
perlasm Copyright year updates 2024-06-04 14:50:58 +02:00
pkcs7 Avoid NULL dereference with PKCS7_OP_SET_DETACHED_SIGNATURE 2024-12-02 09:45:22 +01:00
pkcs12 Fix potential memory leak in PKCS12_add_key_ex() 2025-01-06 21:33:17 +01:00
poly1305 Mark OPENSSL_armcap_P .hidden in arm asm 2024-11-22 11:23:13 +01:00
property Copyright year updates 2024-09-03 14:44:27 +02:00
rand Return NULL from ossl_lib_ctx_get_concrete() when it is uninitialized 2025-01-08 11:19:54 +01:00
rc2 Copyright year updates 2023-09-07 09:59:15 +01:00
rc4 Copyright year updates 2023-09-07 09:59:15 +01:00
rc5 Copyright year updates 2023-09-07 09:59:15 +01:00
ripemd Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
rsa Fix potential use-after-free in REF_PRINT_COUNT 2024-12-10 14:59:01 +01:00
seed Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
sha Mark OPENSSL_armcap_P .hidden in arm asm 2024-11-22 11:23:13 +01:00
siphash crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
sm2 sm2_sig_verify(): Do not call BN_CTX_end() without BN_CTX_start() 2024-11-21 11:14:30 +01:00
sm3 Copyright year updates 2024-09-03 14:44:27 +02:00
sm4 Copyright year updates 2024-03-20 13:07:54 +01:00
srp Fix potential double free through SRP_user_pwd_set1_ids() 2024-10-11 14:23:09 +02:00
stack Copyright year updates 2024-03-20 13:07:54 +01:00
store Copyright year updates 2024-06-04 14:50:58 +02:00
thread Fix no-thread-pool build on Windows 2024-09-10 16:37:27 +02:00
ts Copyright year updates 2023-09-07 09:59:15 +01:00
txt_db Copyright year updates 2023-09-07 09:59:15 +01:00
ui Fix Edge Cases in Password Callback Handling 2024-09-09 09:01:06 +02:00
whrlpool Copyright year updates 2023-09-07 09:59:15 +01:00
x509 If you call X509_add_cert with cert == NULL and the X509_ADD_FLAG_UP_REF 2025-01-20 08:44:31 +01:00
alphacpuid.pl
arm64cpuid.pl Update copyright year 2022-05-03 13:34:51 +01:00
arm_arch.h Copyright year updates 2024-03-20 13:07:54 +01:00
armcap.c Copyright year updates 2024-03-20 13:07:54 +01:00
armv4cpuid.pl Mark OPENSSL_armcap_P .hidden in arm asm 2024-11-22 11:23:13 +01:00
asn1_dsa.c
bsearch.c
build.info Do not include sparse_array.o in libssl 2023-09-22 20:42:48 +02:00
c64xpluscpuid.pl
context.c Return NULL from ossl_lib_ctx_get_concrete() when it is uninitialized 2025-01-08 11:19:54 +01:00
core_algorithm.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
core_fetch.c Take into account no_store when pushing algorithm 2024-12-20 18:24:49 +01:00
core_namemap.c Copyright year updates 2023-09-07 09:59:15 +01:00
cpt_err.c err: add additional errors 2022-01-12 20:10:21 +11:00
cpuid.c Copyright year updates 2023-09-28 14:23:29 +01:00
cryptlib.c Copyright year updates 2023-09-07 09:59:15 +01:00
ctype.c Copyright year updates 2023-09-07 09:59:15 +01:00
cversion.c
der_writer.c der_writer: Use uint32_t instead of long. 2022-06-27 10:58:40 +02:00
deterministic_nonce.c Copyright year updates 2024-06-04 14:50:58 +02:00
dllmain.c Update copyright year 2022-05-03 13:34:51 +01:00
ebcdic.c
ex_data.c Fix error handling in CRYPTO_get_ex_new_index 2023-09-21 14:43:08 +02:00
getenv.c Update copyright year 2022-05-03 13:34:51 +01:00
ia64cpuid.S
info.c Copyright year updates 2023-09-07 09:59:15 +01:00
init.c Copyright year updates 2024-03-20 13:07:54 +01:00
initthread.c Recycle the TLS key that holds thread_event_handler 2024-09-05 17:20:19 +02:00
loongarch64cpuid.pl LoongArch64 assembly pack: Really implement OPENSSL_rdtsc 2023-12-19 18:34:34 +01:00
loongarch_arch.h Copyright year updates 2023-09-07 09:59:15 +01:00
loongarchcap.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_nyi.c
LPdir_unix.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_vms.c
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
mem.c Windows: use srand() instead of srandom() 2023-10-13 15:04:42 +02:00
mem_clr.c
mem_sec.c Add locking to CRYPTO_secure_used 2023-12-01 09:03:04 -05:00
mips_arch.h
o_dir.c Update copyright year 2022-05-03 13:34:51 +01:00
o_fopen.c crypto: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
o_init.c Update copyright year 2022-05-03 13:34:51 +01:00
o_str.c OPENSSL_hexstr2buf_ex(): Handle zero-length input correctly 2024-07-02 20:14:19 +02:00
o_time.c
packet.c Copyright year updates 2023-09-07 09:59:15 +01:00
param_build.c params: drop INT_MAX checks 2023-12-29 10:21:10 +01:00
param_build_set.c ossl_param_build_set_multi_key_bn(): Do not set NULL BIGNUMs 2023-10-18 18:07:13 +02:00
params.c uefi: move variables 2024-05-30 18:38:39 +02:00
params_dup.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
params_from_text.c Copyright year updates 2024-03-20 13:07:54 +01:00
params_idx.c.in params: provide a faster TRIE based param lookup. 2023-06-02 15:13:20 +10:00
pariscid.pl
passphrase.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
ppccap.c Update copyright year 2022-05-03 13:34:51 +01:00
ppccpuid.pl Update copyright year 2022-05-03 13:34:51 +01:00
provider.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_child.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_conf.c Fix remaining provider config settings to be decisive in value 2023-12-27 09:32:48 +01:00
provider_core.c Fix up path generation to use OPENSSL_MODULES 2024-04-18 18:39:49 +02:00
provider_local.h make struct provider_info_st a full type 2021-06-24 14:48:15 +01:00
provider_predefined.c make struct provider_info_st a full type 2021-06-24 14:48:15 +01:00
punycode.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_vlint.c QUIC: Enable building with QUIC support disabled 2023-01-13 13:20:16 +00:00
rcu_internal.h Copyright year updates 2024-03-20 13:07:54 +01:00
README-sparse_array.md
riscv32cpuid.pl Copyright year updates 2024-06-04 14:50:58 +02:00
riscv64cpuid.pl riscv: Add basic vector extension support 2023-10-26 15:55:49 +01:00
riscvcap.c Avoid undefined behaviour with the <ctype.h> functions. 2024-10-10 20:48:21 +02:00
s390x_arch.h s390x: Don't probe crypto cards for ME/CRT offloading during initialization 2024-10-23 15:07:52 +02:00
s390xcap.c s390x: Don't probe crypto cards for ME/CRT offloading during initialization 2024-10-23 15:07:52 +02:00
s390xcpuid.pl
self_test_core.c Update copyright year 2022-05-03 13:34:51 +01:00
sleep.c NonStop: Do not call sleep() with a 0 value 2024-04-05 16:06:51 +02:00
sparccpuid.S
sparcv9cap.c Split bignum code out of the sparcv9cap.c 2021-07-15 09:33:04 +02:00
sparse_array.c Coverity 1507376: Dereference after null check 2022-07-22 14:42:13 +02:00
threads_lib.c Define threads_lib.c functions only for OPENSSL_SYS_UNIX 2022-11-14 07:47:53 +00:00
threads_none.c Some minor nit corrections in the thread code for rcu 2024-06-20 16:54:40 +02:00
threads_pthread.c rcu: Ensure that updates to the ID field of a qp don't lose refs 2025-01-22 20:20:56 +01:00
threads_win.c Fix premature reuse of qp's in rcu locks 2025-01-14 11:44:23 +01:00
time.c Copyright year updates 2023-09-07 09:59:15 +01:00
trace.c TRACE: automatically respect disabled categories 2024-10-23 15:17:02 +02:00
uid.c Copyright year updates 2023-09-07 09:59:15 +01:00
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl