By Damien Santiago I’ve created five CodeQL queries that catch potentially potent bugs in the OpenSSL libcrypto API, a widely adopted but often unforgiving API that can be misused to cause memory leaks, authentication bypasses, and other subtle cryptographic issues in implementations. These queries—which I developed during my internship with my mentors, Fredrik Dahlgren and […]

The post Catching OpenSSL misuse using CodeQL appeared first on Security Boulevard.

Trail of Bits

Source: Security Boulevard
Source Link: https://securityboulevard.com/2023/12/catching-openssl-misuse-using-codeql/