summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* gnutls_x509_ext_import_policies: fixed memory leak on error pathtmp-client-test-suiteNikos Mavrogiannopoulos2017-01-031-3/+4
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added test case with invalid X.509 certNikos Mavrogiannopoulos2017-01-032-1/+1
| | | | | | | This triggers a memory leak. Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=294 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* x509 output: fixed memory leak in AIA extension printingNikos Mavrogiannopoulos2017-01-031-2/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added test case with invalid X.509 certNikos Mavrogiannopoulos2017-01-032-1/+1
| | | | | | | Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=300 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc: document how to enhance the testsuite with issues foundNikos Mavrogiannopoulos2017-01-031-2/+21
|
* status_request: eliminated leak on error pathNikos Mavrogiannopoulos2017-01-031-5/+10
| | | | | | | Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=269 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* proc_server_kx: eliminated leak on error pathNikos Mavrogiannopoulos2017-01-031-0/+3
| | | | | | | Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=272 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added reproducer for client issuesNikos Mavrogiannopoulos2017-01-036-2/+122
| | | | | | | | | | | This allows to reproduce issues found on client handling, by adding a transcript in client-interesting. Currently it contains values found using oss-fuzz. The client3.disabled transcript is disabled because it depends on a fix in nettle. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: do not run key-tests under leak sanitizerNikos Mavrogiannopoulos2017-01-031-1/+1
| | | | | | | | | The reason is that we cannot distinguish between a memory leak on application failure (which is followed by exit- thus should be ignored) and an address sanitizer issue (which should never be ignored). As such we disable leak detection with asan and rely on valgrind. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: illegal-rsa: don't hide stderrNikos Mavrogiannopoulos2017-01-031-2/+2
|
* tests: added suite for checking PKCS#7 structure importNikos Mavrogiannopoulos2017-01-036-2/+149
| | | | | The initial (problematic) structures have been obtained from oss-fuzz project.
* fuzz: added basic Makefile to assist in reproducing [ci skip]Nikos Mavrogiannopoulos2017-01-032-0/+78
| | | | Also updated README.md
* Simplified contribution policy [ci skip]Nikos Mavrogiannopoulos2017-01-023-12/+16
| | | | | | Also added a template to assist in the required steps to contribute. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* _gnutls_x509_get_signature: fix memory leak on error pathNikos Mavrogiannopoulos2017-01-021-1/+2
|
* tests: added test case with invalid X.509 certificateNikos Mavrogiannopoulos2017-01-022-1/+2
| | | | | | | | | This certificate causes a memory leak while printing. Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=280 Relates #156
* valgrind: use different exit code to signify errortmp-add-invalid-key-testsNikos Mavrogiannopoulos2017-01-022-2/+2
| | | | | This allows the test suite to differentiate between valgrind and expected errors from tools.
* tests: cert-tests: force asan to return an error code other than one on failureNikos Mavrogiannopoulos2017-01-021-1/+1
|
* gnutls_pkcs8_info: addressed memory leak on error pathNikos Mavrogiannopoulos2017-01-021-3/+5
|
* certtool: pkcs8_info_int: fix memory leakNikos Mavrogiannopoulos2017-01-021-5/+7
|
* wrap_nettle_mpi_modm: bail on a modulus that is zeroNikos Mavrogiannopoulos2017-01-021-0/+3
| | | | Relates #156
* tests: added test for invalid private keysNikos Mavrogiannopoulos2017-01-023-2/+54
| | | | | Also force asan to return an error code other than one (the normally expected for invalid keys).
* x509: address leak in print_altname - cert printingNikos Mavrogiannopoulos2017-01-021-1/+3
|
* tests: added certificate to reproduce memory leakNikos Mavrogiannopoulos2017-01-022-1/+1
| | | | | | | Found by oss-fuzz project: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=299 Relates #156
* tests: added test case with invalid PKCS#8 dataNikos Mavrogiannopoulos2017-01-023-2/+2
| | | | | | | Issue found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=363 Relates #156
* nettle: added a safety net on wrap_nettle_cipher_setiv()Nikos Mavrogiannopoulos2017-01-026-7/+43
| | | | Return error if attempting to set invalid IV size.
* pkcs7 decrypt: require a valid IV size on all ciphersNikos Mavrogiannopoulos2017-01-021-4/+13
| | | | | | | That is, do not accept the IV size present in the structure as valid without checking. Relates #156
* fuzz: added a PBES1 PKCS#8 private key file into corpusNikos Mavrogiannopoulos2017-01-021-0/+0
|
* pkcs8: pkcs8_key_info() will correctly detect non-encrypted filesNikos Mavrogiannopoulos2017-01-021-2/+32
|
* certtool: don't print PKCS#8 information when outputting DER dataNikos Mavrogiannopoulos2017-01-021-2/+8
|
* Corrected a leak in OpenPGP sub-packet parsing.Alex Gaynor2017-01-023-1/+8
| | | | Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
* doc: fixed copyright date in gnutls.texiNikos Mavrogiannopoulos2017-01-021-2/+2
|
* gnutls_rnd: document the available values of level [ci skip]Nikos Mavrogiannopoulos2017-01-021-1/+3
| | | | This enables using the function by only checking the man page.
* pkcs11 verification: ensure that an issuer we retrieve is not blacklisttmp-fix-pkcs11-verificationNikos Mavrogiannopoulos2016-12-311-0/+11
| | | | | | | It may happen in p11-kit trust module that a trusted certificate is both in the trusted set, and the blacklisted set. To avoid accepting a certificate when in both sets, we always check whether a trusted issuer certificate is in the blacklisted set.
* Attempt to fix a leak in OpenPGP cert parsing.Alex Gaynor2016-12-313-1/+7
|
* tests: enable all the ciphersuite in openssl cli for DSS checksfix-compat-testsNikos Mavrogiannopoulos2016-12-311-3/+3
|
* certtool: improved error reporting on file errorNikos Mavrogiannopoulos2016-12-311-2/+2
|
* tests: don't check against 3DES if disabled in opensslNikos Mavrogiannopoulos2016-12-311-3/+8
|
* tests: do not pass the -dhparams to openssl 1.1.0; it doesn't workNikos Mavrogiannopoulos2016-12-311-1/+8
|
* tests: simplified DH params formatNikos Mavrogiannopoulos2016-12-311-33/+9
| | | | Also switch to RFC7919 DH params.
* tests: corrected type in openssl compat testsNikos Mavrogiannopoulos2016-12-311-2/+2
|
* tests: added common variable for DH parametersNikos Mavrogiannopoulos2016-12-313-31/+33
|
* tests: fixed paths in compat testsNikos Mavrogiannopoulos2016-12-311-2/+2
|
* tests: better termination checking in compat testsNikos Mavrogiannopoulos2016-12-312-3/+22
| | | | | This ensures that the exit code of all spawned processes is checked.
* cfg.mk: exclude devel/ subdirectory from syntax checksNikos Mavrogiannopoulos2016-12-311-1/+1
|
* certtool: properly report unencrypted PKCS#8 keys in --p8-infoNikos Mavrogiannopoulos2016-12-301-0/+4
|
* fuzz: added decrypted PKCS#8 keysNikos Mavrogiannopoulos2016-12-303-0/+0
|
* fuzz: added PKCS#8 keys with low iteration countNikos Mavrogiannopoulos2016-12-309-0/+3
| | | | | This makes sure that the fuzzer will not timeout while trying to decode keys.
* submodules: use the github mirror of opensslNikos Mavrogiannopoulos2016-12-281-1/+1
|
* Do not infinite loop if an EOF occurs while skipping a PGP packetAlex Gaynor2016-12-284-5/+59
| | | | Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
* Added a fuzzer for OpenPGP cert parsingAlex Gaynor2016-12-281-0/+47
| | | | Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
View Lorry Controller Status