| Age | Commit message (Collapse) | Author |
|---|
|
secrets via realloc().
ok inoguchi@
|
|
CBB_init_fixed() have been attempted.
ok doug@
|
|
While the previous types were correct, they can silently accept bad data
via truncation or signed conversion. We now take size_t as input for
CBB_add_u*() and do a range check.
discussed with deraadt@
input + ok jsing@ miod@
|
|
Also, add comments about assuming short-form.
ok miod@, tweak + ok jsing@
|
|
ok miod@ jsing@
|
|
malloc(0) is implementation defined and there's no reason to introduce
that ambiguity here. Added a few cosmetic changes in sizeof and free.
ok miod@ jsing@
|
|
ok jsing@
|
|
All of cbb_buffer_add_u's callers first call CBB_flush and send cbb->base.
cbb_add_u() now has that common code in one place.
ok jsing@
|
|
ok jsing@
|
|
Tag 31 is invalid for a short form identifier octet (single byte).
KNF a little more.
Based on BoringSSL commit 5ba305643f55d37a3e45e8388a36d50c1b2d4ff5
ok miod@
|
|
CBB_init_fixed() should not call free because it can lead to use after
free or double free bugs. The caller should be responsible for
creating and destroying the buffer.
From BoringSSL commit a84f06fc1eee6ea25ce040675fbad72c532afece
miod agrees with the reasoning
ok jsing@, beck@
|
|
I checked that this doesn't change anything. Compiled with clang using
-Wno-pointer-sign -g0 to reduce the differences. Only difference in the
asm is due to assert(0) line number changes in bs_cbs.c and bs_cbb.c.
miod is ok with the general process.
|
|
This was to test a patch for upstream.
|
|
This is imported with as few changes as possible for the initial commit.
I removed OPENSSL_EXPORT, replaced OPENSSL_malloc() etc with malloc()
and changed a few header includes.
BoringSSL has this as part of their public API. We're leaving it internal
to libssl for now.
Based on BoringSSL's CBB/CBS API as of commit
c5cc15b4f5b1d6e9b9112cb8d30205a638aa2c54.
input + ok jsing@, miod@
|
