Our own implementation works fine, however we should use OpenSSL's one since we already link to the library.
Base64Decode() and Base64Encode() return the required buffer size when "dst" is NULL.
This allows to efficiently allocate a buffer, without wasting memory or risking an overflow.
Base64FromBin() and Base64ToBin() perform all steps, returning a heap-allocated buffer with the data in it.
This commit fixes the "TrackDeleteObj: 0x12345678 is not Object!!" (where 0x12345678 is the actual address) errors with memcheck enabled.
It also fixes the following related warnings:
warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
TrackChangeObjSize((DWORD)addr, size, (DWORD)new_addr);
^
warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
TrackChangeObjSize((DWORD)addr, size, (DWORD)new_addr);
^
- Hash() has been removed because it was ambiguous, Md5() and Sha0() are proper replacements.
- HMacMd5() and HMacSha1() now share a common implementation handled by the new Internal_HMac() function.
- NewMd() and MdProcess() now support plain hashing (without the key).
- NewMd(), SetMdKey() and MdProcess() now check the OpenSSL functions' return value and in case of failure a debug message is printed along with the error string, if available.
- SetMdKey()'s return value has been changed from void to bool, so that it's possible to know whether the function succeeded or not.
- MdProcess()' return value has been changed from void to UINT (unsigned int) and the function now returns the number of bytes written by HMAC_Final() or EVP_DigestFinal_ex().
[src/Mayaqua/Memory.c:2605]: (style) The function 'ClearFifo' is never used.
[src/Mayaqua/Memory.c:1380]: (style) The function 'CloneList' is never used.
[src/Mayaqua/Memory.c:4267]: (style) The function 'CloneTail' is never used.
[src/Mayaqua/Memory.c:1972]: (style) The function 'DelAllInt' is never used.
[src/Mayaqua/Memory.c:2068]: (style) The function 'DelInt64' is never used.
[src/Mayaqua/Memory.c:1789]: (style) The function 'DeleteKey' is never used.
[src/Mayaqua/Memory.c:2934]: (style) The function 'DumpData' is never used.
[src/Mayaqua/Memory.c:835]: (style) The function 'FillBytes' is never used.
[src/Mayaqua/Memory.c:2759]: (style) The function 'GetFifoCurrentReallocMemSize' is never used.
[src/Mayaqua/Memory.c:1475]: (style) The function 'InsertDistinct' is never used.
[src/Mayaqua/Memory.c:2274]: (style) The function 'InsertInt64Distinct' is never used.
[src/Mayaqua/Memory.c:1612]: (style) The function 'IsInListUniStr' is never used.
[src/Mayaqua/Memory.c:2647]: (style) The function 'LockFifo' is never used.
[src/Mayaqua/Memory.c:1120]: (style) The function 'PeekQueue' is never used.
[src/Mayaqua/Memory.c:2158]: (style) The function 'RandomizeList' is never used.
[src/Mayaqua/Memory.c:1364]: (style) The function 'SetCmp' is never used.
[src/Mayaqua/Memory.c:1570]: (style) The function 'SetSortFlag' is never used.
[src/Mayaqua/Memory.c:1596]: (style) The function 'SortEx' is never used.
[src/Mayaqua/Memory.c:3718]: (style) The function 'Swap' is never used.
[src/Mayaqua/Memory.c:2659]: (style) The function 'UnlockFifo' is never used.
[src/Mayaqua/Memory.c:2532]: (style) The function 'WriteFifoFront' is never used.
[src/Mayaqua/Memory.c:1981]: (style) The function 'InsertInt64' is never used.
[src/Mayaqua/Memory.c:2317]: (style) The function 'PadFifoFront' is never used.
[src/Mayaqua/Memory.c:2155]: (style) The function 'PeekFifo' is never used.
zlib doesn't have a dedicated directory on Unix systems, because it has a single header, meaning that the header from the repository was being used instead.
This commit moves the header to the Windows includes directory, so that we can use the proper include path on all systems.
Buffer overread in ParseL2TPPacket()
Memory corruption in IcmpParseResult
Missing bounds check in ParseUDP() can lead to invalid memory access
Out-of-bounds read in IPsec_PPP.c (unterminated string buffer)
Overlapping parameters to memcpy() via StrToIp6()
PACK ReadValue() crash vulnerability
Potential use of uninitialized memory via IPToInAddr6()
4 memory leaks. While the amount of leakage is very small per time, these bugs can finally cause process crash by out of memory. So these bugs must be fixed.
Memory leak in NnReadDnsRecord
Memory leak in RadiusLogin()
Memory leak via ParsePacketIPv4WithDummyMacHeader
Remote memory leak in OpenVPN server code
1 coding improvement. This is not a bug, however, I fixed the code to avoid furture misunderstanding.
RecvAll can return success on failure (leading to use of uninitialized memory)
Contributors for this bugfix:
- Max Planck Institute for Molecular Genetics
- Guido Vranken