Mirror of BoringSSL (grpc依赖) https://boringssl.googlesource.com/boringssl

You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Tag: Branch: Tree: 48d80bb6cf

2214

2272

2311

2357

2490

2564

2623

2661

2704

2785

2883

2924

2987

3029

3071

3112

3202

3239

3282

3359

3538

3945

chromium-2214

chromium-2272

chromium-2311

chromium-2357

chromium-2490

chromium-2564

chromium-2623

chromium-2661

chromium-2704

chromium-2883

chromium-2924

chromium-2987

chromium-3029

chromium-3071

chromium-3112

chromium-3202

chromium-3239

chromium-3282

chromium-3359

chromium-3538

chromium-3945

chromium-5359

chromium-5414

chromium-stable

chromium-stable-with-bazel

esni

fips-20180730

fips-20220613

fips-20230428

fips-20240407

fips-20240805

fips-20250107

fips-android-20191008

grpc-202302

infra/config

main

main-with-bazel

master

master-with-bazel

0.20240913.0

0.20240930.0

0.20241024.0

0.20241203.0

0.20241209.0

0.20250114.0

0.20250212.0

fips-20170615

fips-20180730

fips-20190808

fips-20210429

fips-20220613

fips-android-20191020

version_for_cocoapods_1.0

version_for_cocoapods_10.0

version_for_cocoapods_2.0

version_for_cocoapods_3.0

version_for_cocoapods_4.0

version_for_cocoapods_5.0

version_for_cocoapods_6.0

version_for_cocoapods_7.0

version_for_cocoapods_8.0

version_for_cocoapods_9.0

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '48d80bb6cf'

${ noResults }

boringssl/include

History

David Benjamin e7c0c9734f Don't overflow the output length in EVP_CipherUpdate calls. ... CVE-2021-23840 (Imported from upstream's 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1.) This differs slightly from upstream's version: - EVP_R_OUTPUT_WOULD_OVERFLOW didn't seem necessary when ERR_R_OVERFLOW already exists. (Also since we use CIPHER_R_*, it wouldn't have helped with compatibility anyway. Though there's probably something to be said for us folding CIPHER_R_* back into EVP_R_*.) - For simplicity, just check in_len + bl at the top, rather than trying to predict the exact number of bytes written. Update-Note: Passing extremely large input lengths into EVP_CipherUpdate will now fail. Use EVP_AEAD instead, which is size_t-based and has more explicit output bounds. Change-Id: I31835c89dcdecb6b112828f57deb798dc7187db5 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45685 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com>		4 years ago
..
openssl	Don't overflow the output length in EVP_CipherUpdate calls.	4 years ago