Limit ASN.1 constructed types recursive definition depth

Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth. CVE-2018-0739 Credit to OSSFuzz for finding this issue. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2018-03-22 09:39:53 +0000
committer: Matt Caswell <matt@openssl.org> 2018-03-27 10:22:49 +0100
commit: 4cabbb9f485ba7d1edcfbbd2aa8610159f94543e (patch)
tree: 354d2b718c38cc7b934fc10f5481e0e8d5b3a7c1 /crypto/err
parent: faec5c4a8aa3943d835bdad26800a103426b0eda (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index bb8c157405..4fa56fd977 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1680,6 +1680,7 @@ ASN1_R_MISSING_VALUE:189:missing value
 ASN1_R_MSTRING_NOT_UNIVERSAL:139:mstring not universal
 ASN1_R_MSTRING_WRONG_TAG:140:mstring wrong tag
 ASN1_R_NESTED_ASN1_STRING:197:nested asn1 string
+ASN1_R_NESTED_TOO_DEEP:201:nested too deep
 ASN1_R_NON_HEX_CHARACTERS:141:non hex characters
 ASN1_R_NOT_ASCII_FORMAT:190:not ascii format
 ASN1_R_NOT_ENOUGH_DATA:142:not enough data
author	Matt Caswell <matt@openssl.org>	2018-03-22 09:39:53 +0000
committer	Matt Caswell <matt@openssl.org>	2018-03-27 10:22:49 +0100
commit	4cabbb9f485ba7d1edcfbbd2aa8610159f94543e (patch)
tree	354d2b718c38cc7b934fc10f5481e0e8d5b3a7c1 /crypto/err
parent	faec5c4a8aa3943d835bdad26800a103426b0eda (diff)