forked from bitcoin/bitcoin
-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix CVE-2018-12356 by hardening the regex. (#503) #518
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This has already been merged in, please see 2bce040 |
thrasher-
pushed a commit
to thrasher-/litecoin
that referenced
this pull request
Dec 6, 2019
b19c000 Merge litecoin-project#607: Use size_t shifts when computing a size_t 4d01bc2 Merge litecoin-project#606: travis: Remove unused sudo:false e6d01e9 Use size_t shifts when computing a size_t 7667532 travis: Remove unused sudo:false ee99f12 Merge litecoin-project#599: Switch x86_64 asm to use "i" instead of "n" for immediate values. d58bc93 Switch x86_64 asm to use "i" instead of "n" for immediate values. 05362ee Merge litecoin-project#597: Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build 8348386 Add $(COMMON_LIB) to exhaustive tests to fix ARM asm build aa15154 Merge litecoin-project#568: Fix integer overflow in ecmult_multi_var when n is large 2277af5 Fix integer overflow in ecmult_multi_var when n is large 85d0e1b Merge litecoin-project#591: Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 1419637 Merge litecoin-project#580: Add trivial ecmult_multi algorithm which does not require a scratch space a697d82 Add trivial ecmult_multi to the benchmark tool bade617 Add trivial ecmult_multi algorithm. It is selected when no scratch space is given and just multiplies and adds the points. 5545e13 Merge litecoin-project#584: configure: Use CFLAGS_FOR_BUILD when checking native compiler 20c5869 Merge litecoin-project#516: improvements to random seed in src/tests.c b76e45d Make bench_internal obey secp256k1_fe_sqrt's contract wrt aliasing. 870a977 Merge litecoin-project#562: Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse be40c4d Fixup for C90 mixed declarations. c71dd2c Merge litecoin-project#509: Fix algorithm selection in bench_ecmult 6492bf8 Merge litecoin-project#518: Summarize build options after running configure 0e9ada1 Merge litecoin-project#567: Correct order of libs returned on pkg-config --libs --static libsecp2… e96901a Merge litecoin-project#587: Make randomization of a non-signing context a noop 58df8d0 Merge litecoin-project#511: Portability fix for the configure scripts generated 2ebdad7 Merge litecoin-project#552: Make constants static: 1c131af Merge litecoin-project#551: secp256k1_fe_sqrt: Verify that the arguments don't alias. ba698f8 Merge litecoin-project#539: Assorted minor corrections 949e85b Merge litecoin-project#550: Optimize secp256k1_fe_normalize_weak calls. a34bcaa Actually pass CFLAGS_FOR_BUILD and LDFLAGS_FOR_BUILD to linker 2d5f4ce configure: Use CFLAGS_FOR_BUILD when checking native compiler b408c6a Merge litecoin-project#579: Use __GNUC_PREREQ for detecting __builtin_expect 6198375 Make randomization of a non-signing context a noop c663397 Use __GNUC_PREREQ for detecting __builtin_expect e34ceb3 Merge litecoin-project#557: Eliminate scratch memory used when generating contexts b3bf5f9 ecmult_impl: expand comment to explain how effective affine interacts with everything efa783f Store z-ratios in the 'x' coord they'll recover ffd3b34 add `secp256k1_ge_set_all_gej_var` test which deals with many infinite points 84740ac ecmult_impl: save one fe_inv_var 4704527 ecmult_impl: eliminate scratch memory used when generating context 7f7a2ed ecmult_gen_impl: eliminate scratch memory used when generating context 314a61d Merge litecoin-project#553: add static context object which has no capabilities 89a20a8 Correct order of libs returned on pkg-config --libs --static libsecp256k1 call. 1086fda Merge litecoin-project#354: [ECDH API change] Support custom hash function d3cb1f9 Make use of TAG_PUBKEY constants in secp256k1_eckey_pubkey_parse 40fde61 prevent attempts to modify `secp256k1_context_no_precomp` ed7c084 add static context object which has no capabilities 496c5b4 Make constants static: static const secp256k1_ge secp256k1_ge_const_g; static const int CURVE_B; bf8b86c secp256k1_fe_sqrt: Verify that the arguments don't alias. 9bd89c8 Optimize secp256k1_fe_normalize_weak calls. Move secp256k1_fe_normalize_weak calls out of ECMULT_TABLE_GET_GE and ECMULT_TABLE_GET_GE_STORAGE and into secp256k1_ge_globalz_set_table_gej instead. 52ab96f clean dependendies in field_*_impl.h deff5ed Correct math typos in field_*.h 4efb3f8 Add check that restrict pointers don't alias with all parameters. 1e6f1f5 Merge litecoin-project#529: fix tests.c in the count == 0 case c8fbc3c [ECDH API change] Allow pass arbitrary data to hash function b00be65 [ECDH API change] Support custom hash function 95e99f1 fix tests.c in the count == 0 case 452d8e4 Merge litecoin-project#523: scratch: add stack frame support 6fe5043 scratch: add stack frame support 9bc2e26 Merge litecoin-project#522: parameterize ecmult_const over input size 7c1b91b parameterize ecmult_const over input size dbc3ddd Merge litecoin-project#513: Increase sparsity of pippenger fixed window naf representation 3965027 Summarize build options in configure script 0f05173 Fix algorithm selection in bench_ecmult fb9271d Merge litecoin-project#510: add a couple missing `const`s to ecmult_pippenger_wnaf cd5f602 Merge litecoin-project#515: Fix typo 09146ae Merge litecoin-project#512: secp256k1_ec_privkey_negate - fix documentation ec0a7b3 Don't touch leading zeros in wnaf_fixed. 9e36d1b Fix bug in wnaf_fixed where the wnaf array is not completely zeroed when given a 0 scalar. 96f68a0 Don't invert scalar in wnaf_fixed when it is even because a caller might intentionally give a scalar with many leading zeros. 8b3841c fix bug in fread() failure check cddef0c tests: add warning message when /dev/urandom fails 9b7c47a Fix typo 6dbb007 Increase sparsity of pippenger fixed window naf representation 1646ace secp256k1_ec_privkey_negate - fix documentation 270f6c8 Portability fix for the configure scripts generated 9b3ff03 add a couple missing `const`s to ecmult_pippenger_wnaf cd329db Merge litecoin-project#460: [build] Update ax_jni_include_dir.m4 macro 7f9c1a1 Merge litecoin-project#498: tests: Avoid calling fclose(...) with an invalid argument f99aa8d Merge litecoin-project#499: tests: Make sure we get the requested number of bytes from /dev/urandom b549d3d Merge litecoin-project#472: [build] Set --enable-jni to no by default instead of auto. d333521 Merge litecoin-project#494: Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS 2ef8ea5 Merge litecoin-project#495: Add bench_ecmult to .gitignore 82a96e4 tests: Make sure we get the requested number of bytes from /dev/urandom 5aae5b5 Avoid calling fclose(...) with an invalid argument cb32940 Add bench_ecmult to .gitignore 31abd3a Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS c95f6f1 Merge litecoin-project#487: fix tests typo, s/changed/unchanged fb46c83 Merge litecoin-project#463: Reduce usage of hardcoded size constants 02f5001 Merge litecoin-project#490: Disambiguate bench functions and types 1f46d60 Disambiguate bench functions and types f54c6c5 Merge litecoin-project#480: Enable benchmark building by default c77fc08 Merge litecoin-project#486: Add pippenger_wnaf for multi-multiplication d2f9c6b Use more precise pippenger bucket windows 4c950bb Save some additions per window in _pippenger_wnaf a58f543 Add flags for choosing algorithm in ecmult_multi benchmark 36b22c9 Use scratch space dependent batching in ecmult_multi 355a38f Add pippenger_wnaf ecmult_multi bc65aa7 Add bench_ecmult dba5471 Add ecmult_multi tests 8c1c831 Generalize Strauss to support multiple points 548de42 add resizeable scratch space API 0e96cdc fix typo, s/changed/unchanged c7680e5 Reduce usage of hardcoded size constants 6ad5cdb Merge litecoin-project#479: Get rid of reserved _t in type names 7a78f60 Print whether we're building benchmarks 4afec9f Build benchmarks by default d1dc9df Get rid of reserved _t in type names 57752d2 [build] Set --enable-jni to no by default instead of auto. e7daa9b [build] Tweak JNI macro to warn instead of error for JNI not found. 5b22977 [build] Update ax_jni_include_dir.m4 macro to deal with recent versions of macOS git-subtree-dir: src/secp256k1 git-subtree-split: b19c000
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.