generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Limit depth of ASN1 parse printing.

Browse Source 
Thanks to Guido Vranken <guidovranken@gmail.com> for reporting this issue.

Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2015-09-03 14:27:19 +01:00
parent de17db915e
commit 158e5207a7
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/asn1/asn1_par.c
View File

@ -62,6 +62,10 @@
#include <openssl/objects.h>
#include <openssl/asn1.h>
#ifndef ASN1_PARSE_MAXDEPTH
#define ASN1_PARSE_MAXDEPTH 128
#endif
static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
int indent);
static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
@ -123,6 +127,11 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
/* ASN1_BMPSTRING *bmp=NULL; */
int dump_indent;
if (depth > ASN1_PARSE_MAXDEPTH) {
BIO_puts(bp, "BAD RECURSION DEPTH\n");
goto end;
}
dump_indent = 6; /* Because we know BIO_dump_indent() */
p = *pp;
tot = p + length;