projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aa474d1) | patch
Remove broken DSA private key workarounds.
authorDr. Stephen Henson <steve@openssl.org>
Thu, 18 Feb 2016 13:09:24 +0000 (13:09 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 19 Feb 2016 18:54:50 +0000 (18:54 +0000)
commitab4a81f69ec88d06c9d8de15326b9296d7f498ed
tree3e1b182ca19cf61f2e2d2f80efa4dd5d7b09523etree | snapshot
parentaa474d1fb172aabb29dad04cb6aaeca601a4378ccommit | diff
Remove broken DSA private key workarounds.

Remove old code that handled various invalid DSA formats in ancient
software.

This also fixes a double free bug when parsing malformed DSA private keys.

Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
libFuzzer.

CVE-2016-0705

Reviewed-by: Emilia Käsper <emilia@openssl.org>
crypto/dsa/dsa_ameth.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.