git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Fri, 10 Mar 2017 10:51:35 +0000 (10:51 +0000)
committer	Matt Caswell <matt@openssl.org>
	Sun, 12 Mar 2017 00:24:40 +0000 (00:24 +0000)
commit	c2f9144e52a3168a6faca83839367b0adfedfc50
tree	2cc341aa455be9be280c27e535af12d26b7bc4af	tree \| snapshot
parent	a3b56f2f43b4f405a7023f055520075e327501bd	commit \| diff

Fix out-of-memory condition in conf

conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.

Credit to OSS-Fuzz for finding this problem.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2894)
(cherry picked from commit 8a585601fea1091022034dd14b961c1ecd5916c3)

crypto/conf/conf_def.c		diff \| blob \| history
crypto/conf/conf_err.c		diff \| blob \| history
doc/apps/config.pod		diff \| blob \| history
fuzz/corpora/conf/0d7ad6e04c0235cdc590756ceec867a05cff5823	[new file with mode: 0644]	blob
include/openssl/conf.h		diff \| blob \| history