openssl/apps
Pauli 0a3452520f Fix potential use-after-free and memory leak
In function wait_for_async(), allocated async fds is freed if
`SSL_get_all_async_fds` fails, but later `fds` is used. Interestingly,
it is not freed when everything succeeds.

Rewrite the FD set loop to make it more readable and to not modify the allocated
pointer so it can be freed.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3992)
2017-07-26 10:04:05 +10:00
..
demoSRP Missing SRP files. 2011-03-16 11:50:33 +00:00
app_rand.c Fix use-after-free 2017-07-17 07:46:49 -04:00
apps.c Fix potential use-after-free and memory leak 2017-07-26 10:04:05 +10:00
apps.h Remove unused function prototypes 2017-07-23 09:16:32 -04:00
asn1pars.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
build.info Add a simple store utility command 2017-06-29 11:55:31 +02:00
ca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
ca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
ca.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
CA.pl.in apps/req.c: flag "-new" is implied by "-precert" 2017-02-22 10:40:30 -05:00
cert.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ciphers.c Support converting cipher name to RFC name and vice versa 2017-07-21 07:20:14 +10:00
client.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
cms.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
crl2p7.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
crl.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
ct_log_list.cnf GH1536: Install empty CT log list 2016-09-14 18:22:33 -04:00
dgst.c Fix some pedantic warnings. 2017-07-17 11:24:08 +10:00
dh1024.pem Update Diffie-Hellman parameters to IANA standards 2016-05-03 10:32:01 -04:00
dh2048.pem Update Diffie-Hellman parameters to IANA standards 2016-05-03 10:32:01 -04:00
dh4096.pem Update Diffie-Hellman parameters to IANA standards 2016-05-03 10:32:01 -04:00
dhparam.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
dsa512.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsa1024.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
dsa-ca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa-pca.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
dsa.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
dsap.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
dsaparam.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
ec.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
ecparam.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
enc.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
engine.c Rework the append_buf function 2017-07-06 08:03:58 +10:00
errstr.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
gendsa.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
genpkey.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
genrsa.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
nseq.c Constify command options 2016-10-14 18:25:50 +02:00
ocsp.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
openssl-vms.cnf Added support for ESSCertIDv2 2017-05-03 09:04:23 +02:00
openssl.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
openssl.cnf Added support for ESSCertIDv2 2017-05-03 09:04:23 +02:00
opt.c Make clear error message if opt_<number> fails 2017-06-20 11:33:01 +02:00
passwd.c Fix some pedantic warnings. 2017-07-17 11:24:08 +10:00
pca-cert.srl Update test server certificate in apps/server.pem (it was expired). 2000-10-16 22:56:10 +00:00
pca-key.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pca-req.pem Fix verify(1) to report failure when verification fails 2016-01-13 17:55:17 -05:00
pkcs7.c Switch command-line utils to new nameopt API. 2017-04-25 12:37:17 -04:00
pkcs8.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
pkcs12.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
pkey.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
pkeyparam.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
pkeyutl.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
prime.c Fix some extra or missing whitespaces... 2017-01-25 09:06:34 +00:00
privkey.pem PR: 1644 2009-09-06 15:49:46 +00:00
progs.pl Reformat progs.pl; add ARIA support 2017-06-21 08:44:56 -04:00
rand.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
rehash.c Cleanup some copyright stuff 2017-06-30 21:56:44 -04:00
req.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
req.pem Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
rsa8192.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
rsa.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
rsautl.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
s512-key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s512-req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024key.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s1024req.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
s_apps.h Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
s_cb.c Print Ed25519 in s_client/s_server 2017-06-21 14:11:01 +01:00
s_client.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
s_server.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
s_socket.c Fix bogus use of BIO_sock_should_retry. 2017-07-17 15:28:20 +02:00
s_time.c Update PR#3925 2017-07-14 10:32:30 +01:00
server2.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
server.pem Replace expired test server and client certificates with new ones. 2011-12-08 14:44:05 +00:00
server.srl Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
sess_id.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
smime.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
speed.c schlock global variable needs to be volatile 2017-07-24 14:58:11 -04:00
spkac.c Fix possible usage of NULL pointers in apps/spkac.c 2017-06-10 02:22:22 +08:00
srp.c Fix some pedantic warnings. 2017-07-17 11:24:08 +10:00
storeutl.c STORE 'file' scheme loader: refactor the treatment of matches 2017-06-29 11:55:33 +02:00
testCA.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testdsa.h Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
testrsa.h Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
timeouts.h Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
ts.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00
tsget.in Cleanup some copyright stuff 2017-06-30 21:56:44 -04:00
verify.c Clean up a bundle of codingstyle stuff in apps directory 2017-06-12 16:11:05 -04:00
version.c Add --with-rand-seed 2017-07-22 14:00:07 -04:00
vms_decc_init.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
vms_term_sock.c Cleanup some copyright stuff 2017-06-30 21:56:44 -04:00
vms_term_sock.h Cleanup some copyright stuff 2017-06-30 21:56:44 -04:00
win32_init.c Fix not-c code 2016-10-19 00:56:48 +02:00
x509.c Standardize apps use of -rand, etc. 2017-07-16 19:20:45 -04:00