From: openssl-users On Behalf Of Dr. Stephen Henson
Sent: Friday, February 20, 2015 17:24
On Fri, Feb 20, 2015, Nathaniel McCallum wrote:
I'd like to use ASN1_item_d2i_bio() (or something similar) to parse an
incoming message. However, given that types like ASN1_OCTET_STRING
have
On Fri, Feb 20, 2015, Nathaniel McCallum wrote:
I'd like to use ASN1_item_d2i_bio() (or something similar) to parse an
incoming message. However, given that types like ASN1_OCTET_STRING
have (essentially) unbounded length, how do I prevent an attacker from
DOS'ing via OOM?
Is there some
I'd like to use ASN1_item_d2i_bio() (or something similar) to parse an
incoming message. However, given that types like ASN1_OCTET_STRING
have (essentially) unbounded length, how do I prevent an attacker from
DOS'ing via OOM?
Is there some way to set a max packet size?
Nathaniel