Limit depth of ASN1 parse printing.

Thanks to Guido Vranken <guidovranken@gmail.com> for reporting this issue. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 158e5207a794603f5d64ffa95e0247c7808ab445) Conflicts: crypto/asn1/asn1_par.c
author: Dr. Stephen Henson <steve@openssl.org> 2015-09-03 14:27:19 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2015-11-24 15:29:05 +0000
commit: d88ef40a1e5c81d0d32b4a431e55f5456e678dd2 (patch)
tree: b37f7401177b191929d2645cb3d3956d81fdf967 /crypto/asn1
parent: 9252d71557c49fbb802854ea0de58e319645a448 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index a5d2da10bb..21dfe0c49e 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -62,6 +62,10 @@
 #include <openssl/objects.h>
 #include <openssl/asn1.h>
 
+#ifndef ASN1_PARSE_MAXDEPTH
+#define ASN1_PARSE_MAXDEPTH 128
+#endif
+
 static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
                            int indent);
 static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
@@ -128,6 +132,12 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
 #else
     dump_indent = 6;            /* Because we know BIO_dump_indent() */
 #endif
+
+    if (depth > ASN1_PARSE_MAXDEPTH) {
+            BIO_puts(bp, "BAD RECURSION DEPTH\n");
+            goto end;
+    }
+
     p = *pp;
     tot = p + length;
     op = p - 1;
author	Dr. Stephen Henson <steve@openssl.org>	2015-09-03 14:27:19 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2015-11-24 15:29:05 +0000
commit	d88ef40a1e5c81d0d32b4a431e55f5456e678dd2 (patch)
tree	b37f7401177b191929d2645cb3d3956d81fdf967 /crypto/asn1
parent	9252d71557c49fbb802854ea0de58e319645a448 (diff)