diff options
author | Matt Caswell <matt@openssl.org> | 2018-03-22 09:39:53 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-03-27 10:23:34 +0100 |
commit | 2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33 (patch) | |
tree | 0e69c6d2738c34c03744560beddf5b15ec73585b /include | |
parent | d8278dac47996a442a480958702d913f2eff7b93 (diff) |
Limit ASN.1 constructed types recursive definition depth
Constructed types with a recursive definition (such as can be found in
PKCS7) could eventually exceed the stack given malicious input with
excessive recursion. Therefore we limit the stack depth.
CVE-2018-0739
Credit to OSSFuzz for finding this issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/asn1.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h index 35637ccbdb..7e8788ff98 100644 --- a/include/openssl/asn1.h +++ b/include/openssl/asn1.h @@ -1051,6 +1051,7 @@ int ERR_load_ASN1_strings(void); # define ASN1_R_MSTRING_NOT_UNIVERSAL 139 # define ASN1_R_MSTRING_WRONG_TAG 140 # define ASN1_R_NESTED_ASN1_STRING 197 +# define ASN1_R_NESTED_TOO_DEEP 201 # define ASN1_R_NON_HEX_CHARACTERS 141 # define ASN1_R_NOT_ASCII_FORMAT 190 # define ASN1_R_NOT_ENOUGH_DATA 142 |