The branch OpenSSL_1_0_2-stable has been updated via d88ef40a1e5c81d0d32b4a431e55f5456e678dd2 (commit) from 9252d71557c49fbb802854ea0de58e319645a448 (commit)
- Log ----------------------------------------------------------------- commit d88ef40a1e5c81d0d32b4a431e55f5456e678dd2 Author: Dr. Stephen Henson <st...@openssl.org> Date: Thu Sep 3 14:27:19 2015 +0100 Limit depth of ASN1 parse printing. Thanks to Guido Vranken <guidovran...@gmail.com> for reporting this issue. Reviewed-by: Tim Hudson <t...@openssl.org> (cherry picked from commit 158e5207a794603f5d64ffa95e0247c7808ab445) Conflicts: crypto/asn1/asn1_par.c ----------------------------------------------------------------------- Summary of changes: crypto/asn1/asn1_par.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c index a5d2da1..21dfe0c 100644 --- a/crypto/asn1/asn1_par.c +++ b/crypto/asn1/asn1_par.c @@ -62,6 +62,10 @@ #include <openssl/objects.h> #include <openssl/asn1.h> +#ifndef ASN1_PARSE_MAXDEPTH +#define ASN1_PARSE_MAXDEPTH 128 +#endif + static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, int indent); static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, @@ -128,6 +132,12 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, #else dump_indent = 6; /* Because we know BIO_dump_indent() */ #endif + + if (depth > ASN1_PARSE_MAXDEPTH) { + BIO_puts(bp, "BAD RECURSION DEPTH\n"); + goto end; + } + p = *pp; tot = p + length; op = p - 1; _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits