projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: faec5c4) | patch
Limit ASN.1 constructed types recursive definition depth
authorMatt Caswell <matt@openssl.org>
Thu, 22 Mar 2018 09:39:53 +0000 (09:39 +0000)
committerMatt Caswell <matt@openssl.org>
Tue, 27 Mar 2018 09:22:49 +0000 (10:22 +0100)
commit4cabbb9f485ba7d1edcfbbd2aa8610159f94543e
tree354d2b718c38cc7b934fc10f5481e0e8d5b3a7c1tree | snapshot
parentfaec5c4a8aa3943d835bdad26800a103426b0edacommit | diff
Limit ASN.1 constructed types recursive definition depth

Constructed types with a recursive definition (such as can be found in
PKCS7) could eventually exceed the stack given malicious input with
excessive recursion. Therefore we limit the stack depth.

CVE-2018-0739

Credit to OSSFuzz for finding this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
crypto/asn1/asn1_err.c diff | blob | history
crypto/asn1/tasn_dec.c diff | blob | history
crypto/err/openssl.txt diff | blob | history
include/openssl/asn1err.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.