author | Dr. Stephen Henson <steve@openssl.org> | 2016-04-28 12:55:29 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-04-29 19:45:52 +0100 |
commit | 65cb92f4da37a3895437f0c9940ee0bcf9f28c8a (patch) | |
tree | ada41f67a0ca52f0e4c20668836a20ebbda5b132 /crypto/asn1 | |
parent | 4436299296cc10c6d6611b066b4b73dc0bdae1a6 (diff) |
Add size limit to X509_NAME structure.
This adds an explicit limit to the size of an X509_NAME structure. Some
parts of OpenSSL (e.g. TLS) already effectively limit the size due to
restrictions on certificate size.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 295f3a24919157e2f9021d0b1709353710ad63db)
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/x_name.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index 737c426f2d..a858c2993b 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -66,6 +66,13 @@
 typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
 DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)

+/*
+ * Maximum length of X509_NAME: much larger than anything we should
+ * ever see in practice.
+ */
+
+#define X509_NAME_MAX (1024 * 1024)
+
 static int x509_name_ex_d2i(ASN1_VALUE **val,
 const unsigned char **in, long len,
 const ASN1_ITEM *it,
@@ -192,6 +199,10 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
 int i, j, ret;
 STACK_OF(X509_NAME_ENTRY) *entries;
 X509_NAME_ENTRY *entry;
+ if (len > X509_NAME_MAX) {
+ ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
+ return 0;
+ }
 q = p;

 /* Get internal representation of Name */ |
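Review bot: The comment above `X509_NAME_MAX` in the first hunk does not state the unit or which length is being limited; going by the second hunk, the value is compared with the `len` argument of x509_name_ex_d2i, i.e. a byte count of encoded input at decode time. I would say so in the comment, e.g. `/* Maximum encoded length, in bytes, accepted by x509_name_ex_d2i(): much larger than anything we should ever see in practice. */`. Names built through other paths do not appear to be covered by this limit, which is worth stating there as well if that is intended.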
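Review bot: The new check in x509_name_ex_d2i compares `len` with X509_NAME_MAX, but `len` looks like the number of input bytes available to the decoder rather than the encoded length of the name itself, so a short, valid name that sits inside a larger buffer (for example a very large enclosing structure) could be rejected with ASN1_R_TOO_LONG. The function body starts and continues outside the hunk, so this should be confirmed against how callers pass `len`. If that is the case, clamping instead of failing keeps the bound on decoding work without rejecting such inputs: `if (len > X509_NAME_MAX) len = X509_NAME_MAX;`, which leaves a genuinely oversized name to fail in the inner decode. A regression test with a small name inside an input larger than the limit would pin the intended behaviour either way.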