{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":321392213,"defaultBranch":"master","name":"openssl","ownerLogin":"juergenchrist","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2020-12-14T15:33:45.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/5978792?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1683542343.0","currentOid":""},"activityList":{"items":[{"before":"2b5a546ce1960883febc51f5d2a71a8b7c1b3ab9","after":"2c500578fc68871eca7fabc7ee36b4027891671b","ref":"refs/heads/master","pushedAt":"2023-05-22T13:05:23.371Z","pushType":"push","commitsCount":19,"pusher":{"login":"juergenchrist","name":"Juergen Christ","path":"/juergenchrist","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5978792?s=80&v=4"},"commit":{"message":"crypto/params: drop float for UEFI\n\nUsing floating point is not supported in UEFI and can cause build\nproblems, for example due to SSE being disabled and x64 calling\nconvention passing floats in SSE registers.\n\nAvoid those problems by not compiling the related code for floating\npoint numbers.\n\nSigned-off-by: Yi Li <yi1.li@intel.com>\n\nReviewed-by: Tomas Mraz <tomas@openssl.org>\nReviewed-by: Paul Dale <pauli@openssl.org>\nReviewed-by: Hugo Landau <hlandau@openssl.org>\n(Merged from https://github.com/openssl/openssl/pull/20992)","shortMessageHtmlLink":"crypto/params: drop float for UEFI"}},{"before":"931369429564b5a9bb09711de8e885fef546a0ac","after":"2b5a546ce1960883febc51f5d2a71a8b7c1b3ab9","ref":"refs/heads/master","pushedAt":"2023-05-15T08:13:11.340Z","pushType":"push","commitsCount":371,"pusher":{"login":"juergenchrist","name":"Juergen Christ","path":"/juergenchrist","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5978792?s=80&v=4"},"commit":{"message":"QUIC: Documentation fix\n\nReviewed-by: Matt Caswell <matt@openssl.org>\nReviewed-by: Tomas Mraz <tomas@openssl.org>\n(Merged from https://github.com/openssl/openssl/pull/20765)","shortMessageHtmlLink":"QUIC: Documentation fix"}},{"before":null,"after":"035baa86b989aff244cda57cc94c04515d8f02e8","ref":"refs/heads/fix/quic-stack-use-after-free","pushedAt":"2023-05-08T10:39:03.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"juergenchrist","name":"Juergen Christ","path":"/juergenchrist","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5978792?s=80&v=4"},"commit":{"message":"Fix stack use-after-free in QUIC\n\nWhen running test_quicapi on master on a Fedora 38 with santizier, a stack\nuse-after-free is reported:\n\n```\n75-test_quicapi.t ..\n=================================================================\n==28379==ERROR: AddressSanitizer: stack-use-after-return on address 0x03ffa22a2961 at pc 0x03ffa507384a bp 0x03fffb576d68 sp 0x03fffb576550\nREAD of size 8 at 0x03ffa22a2961 thread T0\n    #0 0x3ffa5073849 in memcpy (/usr/lib64/libasan.so.8+0x73849) (BuildId: ce24d4ce2e06892c2e9105155979b957089a182c)\n    #1 0x118b883 in tls_handle_alpn ssl/statem/statem_srvr.c:2221\n    #2 0x111569d in tls_parse_all_extensions ssl/statem/extensions.c:813\n    #3 0x118e2bf in tls_early_post_process_client_hello ssl/statem/statem_srvr.c:1957\n    #4 0x118e2bf in tls_post_process_client_hello ssl/statem/statem_srvr.c:2290\n    #5 0x113d797 in read_state_machine ssl/statem/statem.c:712\n    #6 0x113d797 in state_machine ssl/statem/statem.c:478\n    #7 0x10729f3 in SSL_do_handshake ssl/ssl_lib.c:4669\n    #8 0x11cec2d in ossl_quic_tls_tick ssl/quic/quic_tls.c:717\n    #9 0x11afb03 in ch_tick ssl/quic/quic_channel.c:1296\n    #10 0x10cd1a9 in ossl_quic_reactor_tick ssl/quic/quic_reactor.c:79\n    #11 0x10d948b in ossl_quic_tserver_tick ssl/quic/quic_tserver.c:160\n    #12 0x1021ead in qtest_create_quic_connection test/helpers/quictestlib.c:273\n    #13 0x102b81d in test_quic_write_read test/quicapitest.c:54\n    #14 0x12035a9 in run_tests test/testutil/driver.c:370\n    #15 0x1013203 in main test/testutil/main.c:30\n    #16 0x3ffa463262b in __libc_start_call_main (/usr/lib64/libc.so.6+0x3262b) (BuildId: 6bd4a775904d85009582d6887da4767128897d0e)\n    #17 0x3ffa463272d in __libc_start_main_impl (/usr/lib64/libc.so.6+0x3272d) (BuildId: 6bd4a775904d85009582d6887da4767128897d0e)\n    #18 0x101efb9  (/root/openssl/test/quicapitest+0x101efb9) (BuildId: 075e387adf6d0032320aaa18061f13e9565ab481)\nAddress 0x03ffa22a2961 is located in stack of thread T0 at offset 33 in frame\n    #0 0x10d868f in alpn_select_cb ssl/quic/quic_tserver.c:49\n  This frame has 1 object(s):\n    [32, 41) 'alpn' (line 50) <== Memory access at offset 33 is inside this variable\nHINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork\n      (longjmp and C++ exceptions *are* supported)\nSUMMARY: AddressSanitizer: stack-use-after-return (/usr/lib64/libasan.so.8+0x73849) (BuildId: ce24d4ce2e06892c2e9105155979b957089a182c) in memcpy\nShadow bytes around the buggy address:\n  0x03ffa22a2680: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2700: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2780: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2800: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2880: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n=>0x03ffa22a2900: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5[f5]f5 f5 f5\n  0x03ffa22a2980: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2a00: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2a80: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2b00: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\n  0x03ffa22a2b80: f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5 f5\nShadow byte legend (one shadow byte represents 8 application bytes):\n  Addressable:           00\n  Partially addressable: 01 02 03 04 05 06 07\n  Heap left redzone:       fa\n  Freed heap region:       fd\n  Stack left redzone:      f1\n  Stack mid redzone:       f2\n  Stack right redzone:     f3\n  Stack after return:      f5\n  Stack use after scope:   f8\n  Global redzone:          f9\n  Global init order:       f6\n  Poisoned by user:        f7\n  Container overflow:      fc\n  Array cookie:            ac\n  Intra object redzone:    bb\n  ASan internal:           fe\n  Left alloca redzone:     ca\n  Right alloca redzone:    cb\n==28379==ABORTING\n../../util/wrap.pl ../../test/quicapitest default ../../test/default.cnf ../../test/certs => 1\nnot ok 1 - running quicapitest\n```\n\nFix this be making the protocols to select static constants and thereby moving\nthem out of the stack frame of the callback function.\n\nSigned-off-by: Juergen Christ <jchrist@linux.ibm.com>","shortMessageHtmlLink":"Fix stack use-after-free in QUIC"}},{"before":"d0a3b9d1eb1fc510ec3447b44803bbf5520a0c47","after":"931369429564b5a9bb09711de8e885fef546a0ac","ref":"refs/heads/master","pushedAt":"2023-03-08T12:55:28.069Z","pushType":"push","commitsCount":22,"pusher":{"login":"juergenchrist","name":"Juergen Christ","path":"/juergenchrist","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5978792?s=80&v=4"},"commit":{"message":"Run the punycode-test over the fuzz corpora during test.\n\nReviewed-by: Paul Dale <pauli@openssl.org>\nReviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>\nReviewed-by: Tomas Mraz <tomas@openssl.org>\n(Merged from https://github.com/openssl/openssl/pull/20246)","shortMessageHtmlLink":"Run the punycode-test over the fuzz corpora during test."}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADMZbgqQA","startCursor":null,"endCursor":null}},"title":"Activity · juergenchrist/openssl"}