projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9676402) | patch
Harden ASN.1 BIO handling of large amounts of data.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 11 Apr 2016 12:57:20 +0000 (13:57 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 22 Apr 2016 23:27:42 +0000 (00:27 +0100)
commitf32774087f7b3db1f789688368d16d917757421e
tree57637e4918ff392b4607b762981ddeb05cef0906tree | snapshot
parent9676402c3a6657781a65836c716066d3d39ee54fcommit | diff
Harden ASN.1 BIO handling of large amounts of data.

If the ASN.1 BIO is presented with a large length field read it in
chunks of increasing size checking for EOF on each read. This prevents
small files allocating excessive amounts of data.

CVE-2016-2109

Thanks to Brian Carpenter for reporting this issue.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(cherry picked from commit c62981390d6cf9e3d612c489b8b77c2913b25807)
crypto/asn1/a_d2i_fp.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.