The branch master has been updated
via 158e5207a794603f5d64ffa95e0247c7808ab445 (commit)
from de17db915e26452819692fd837d788d52b8dd48a (commit)
- Log -----------------------------------------------------------------
commit 158e5207a794603f5d64ffa95e0247c7808ab445
Author: Dr. Stephen Henson <[email protected]>
Date: Thu Sep 3 14:27:19 2015 +0100
Limit depth of ASN1 parse printing.
Thanks to Guido Vranken <[email protected]> for reporting this issue.
Reviewed-by: Tim Hudson <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/asn1_par.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 9a370cd..09dde15 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -62,6 +62,10 @@
#include <openssl/objects.h>
#include <openssl/asn1.h>
+#ifndef ASN1_PARSE_MAXDEPTH
+#define ASN1_PARSE_MAXDEPTH 128
+#endif
+
static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
int indent);
static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
@@ -123,6 +127,11 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp,
long length,
/* ASN1_BMPSTRING *bmp=NULL; */
int dump_indent;
+ if (depth > ASN1_PARSE_MAXDEPTH) {
+ BIO_puts(bp, "BAD RECURSION DEPTH\n");
+ goto end;
+ }
+
dump_indent = 6; /* Because we know BIO_dump_indent() */
p = *pp;
tot = p + length;
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
