Limit depth of ASN1 parse printing.
Thanks to Guido Vranken <guidovranken@gmail.com> for reporting this issue. Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
parent
de17db915e
commit
158e5207a7
@ -62,6 +62,10 @@
|
|||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/asn1.h>
|
#include <openssl/asn1.h>
|
||||||
|
|
||||||
|
#ifndef ASN1_PARSE_MAXDEPTH
|
||||||
|
#define ASN1_PARSE_MAXDEPTH 128
|
||||||
|
#endif
|
||||||
|
|
||||||
static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
|
static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
|
||||||
int indent);
|
int indent);
|
||||||
static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
||||||
@ -123,6 +127,11 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
|
|||||||
/* ASN1_BMPSTRING *bmp=NULL; */
|
/* ASN1_BMPSTRING *bmp=NULL; */
|
||||||
int dump_indent;
|
int dump_indent;
|
||||||
|
|
||||||
|
if (depth > ASN1_PARSE_MAXDEPTH) {
|
||||||
|
BIO_puts(bp, "BAD RECURSION DEPTH\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
|
||||||
dump_indent = 6; /* Because we know BIO_dump_indent() */
|
dump_indent = 6; /* Because we know BIO_dump_indent() */
|
||||||
p = *pp;
|
p = *pp;
|
||||||
tot = p + length;
|
tot = p + length;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user