Google Git
Sign in
boringssl / boringssl.git / 61c0d4e8b210104f6e9575421411641d9fe87086
commit61c0d4e8b210104f6e9575421411641d9fe87086[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Thu Mar 19 14:24:37 2015 -0400
committerAdam Langley <agl@google.com>Thu Mar 19 19:46:28 2015 +0000
tree4106ae62c1e5cce7fa4b066c36b860dbdd0a1f94
parentc12d377e2400d0011e2269aa6df2a3193d0f60a9 [diff]
Always reset sigalgslen when NULLing sigalgs.

See also upstream's 34e3edbf3a10953cb407288101fd56a629af22f9. This fixes
CVE-2015-0291. Also bubble up malloc failures in tls1_set_shared_sigalgs. Tidy
up style a bit and remove unnecessary check (it actually is unnecessary; see
https://boringssl-review.googlesource.com/4042).

Change-Id: Idfb31a90fb3e56ef6fe7701464748a5c1603f064
Reviewed-on: https://boringssl-review.googlesource.com/4047
Reviewed-by: Adam Langley <agl@google.com>
1 file changed
tree: 4106ae62c1e5cce7fa4b066c36b860dbdd0a1f94
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt
  11. codereview.settings
  12. STYLE