Tag: Branch: Tree: 2139aba2e3

2214

2272

2311

2357

2490

2564

2623

2661

2704

2785

2883

2924

2987

3029

3071

3112

3202

3239

3282

3359

3538

3945

chromium-2214

chromium-2272

chromium-2311

chromium-2357

chromium-2490

chromium-2564

chromium-2623

chromium-2661

chromium-2704

chromium-2883

chromium-2924

chromium-2987

chromium-3029

chromium-3071

chromium-3112

chromium-3202

chromium-3239

chromium-3282

chromium-3359

chromium-3538

chromium-3945

chromium-5359

chromium-5414

chromium-stable

chromium-stable-with-bazel

dependabot/go_modules/golang.org/x/net-0.23.0

esni

fips-20180730

fips-20220613

fips-20230428

fips-20240407

fips-android-20191008

grpc-202302

infra/config

main-with-bazel

master

master-with-bazel

fips-20170615

fips-20180730

fips-20190808

fips-20210429

fips-20220613

fips-android-20191020

version_for_cocoapods_1.0

version_for_cocoapods_10.0

version_for_cocoapods_2.0

version_for_cocoapods_3.0

version_for_cocoapods_4.0

version_for_cocoapods_5.0

version_for_cocoapods_6.0

version_for_cocoapods_7.0

version_for_cocoapods_8.0

version_for_cocoapods_9.0

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '2139aba2e3'

${ noResults }

Commit Graph

2 Commits (2139aba2e3e28cd1cdefbd9b48e2c31a75441203)

Author	SHA1	Message	Date
David Benjamin	b92fcfdc17	Cap the input size to the conf fuzzer ... Trying to fix all the places where these formats go quadratic isn't a good use of time. We've already documented that they're not safe for use with untrusted inputs. Even without such DoS issues, they cannot be safely used anyway. (E.g. RUSTSEC-2023-0023.) Just cap the fuzzer input. It'd be nice if we could avoid this more systematically in the function, but they're not structured to make this easy to do, and anyone concerned about DoS in this function has worse problems. Bug: chromium:1444420, oss-fuzz:56048, 611 Change-Id: I53eeb346f59278ec2db3aac4a92573b927ed8003 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59785 Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: David Benjamin <davidben@google.com> Auto-Submit: David Benjamin <davidben@google.com>	2 years ago
David Benjamin	33b569282c	Add a fuzzer for the config file machinery. ... This fuzzes the config file parser, and the converrsion to X.509 extensions. The initial corpus was computed by: 1. Import every file from OpenSSL 1.1.1 that ends in .cnf. 2. For each section in each such file, add a copy with that section copied to the top (the "default") section. 3. Also add a file for each unit test. 4. Minimize the corpus. While I'm here, sort the targets in fuzz/CMakeLists.txt. Change-Id: I0cfc1ae8e2be3e67dae361605ad19833aec3fe4d Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/56167 Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: David Benjamin <davidben@google.com>	2 years ago
David Benjamin	715a0a1da0	Fuzz x509v3_cache_extensions. ... X509 objects do some deferred parsing. Make sure we cover that code with fuzzers. Change-Id: I618e90aaf4d8decbc3af59f36910feb9949a8cd2 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/55751 Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com>	2 years ago
David Benjamin	6038ac5ce1	Run X509_print in the certificate fuzzer. ... Given the error handling issues in the previous CL, we'll probably be chasing down bugs in there for a while. Change-Id: I7a219e0fe2496f602d38b4bd0fcd5585ebd72cb7 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49046 Reviewed-by: Adam Langley <agl@google.com>	3 years ago
Adam Langley	fb0c05cac2	acvp: add CMAC-AES support. ... Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>	4 years ago