https://miscreants.github.io/blog.trailofbits.com/authors/damien-santiago/Recent content in Damien Santiago on The Trail of Bits BlogHugoen-usFri, 22 Dec 2023 09:00:35 -0500https://miscreants.github.io/blog.trailofbits.com/2023/12/22/catching-openssl-misuse-using-codeql/Fri, 22 Dec 2023 09:00:35 -0500https://miscreants.github.io/blog.trailofbits.com/2023/12/22/catching-openssl-misuse-using-codeql/I’ve created five CodeQL queries that catch potentially potent bugs in the OpenSSL libcrypto API, a widely adopted but often unforgiving API that can be misused to cause memory leaks, authentication bypasses, and other subtle cryptographic issues in implementations. These queries—which I developed during my internship with my mentors, Fredrik Dahlgren and […]