Limit depth of ASN1 parse printing.

author Dr. Stephen Henson <steve@openssl.org>

Thu, 3 Sep 2015 13:27:19 +0000 (14:27 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Tue, 24 Nov 2015 15:31:05 +0000 (15:31 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Thu, 3 Sep 2015 13:27:19 +0000 (14:27 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Tue, 24 Nov 2015 15:31:05 +0000 (15:31 +0000)
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c

index e15e341ad8d2e3d113de68e3f0ff6181d5dd7b2f..8120f26deda0f0f3afc030317a302f8640dd1a9f 100644 (file)
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -62,6 +62,10 @@
  #include <openssl/objects.h>
  #include <openssl/asn1.h>
  
+#ifndef ASN1_PARSE_MAXDEPTH
+#define ASN1_PARSE_MAXDEPTH 128
+#endif
+
  static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
                             int indent);
  static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
@@ -134,6 +138,12 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
  #else
      dump_indent = 6;            /* Because we know BIO_dump_indent() */
  #endif
+
+    if (depth > ASN1_PARSE_MAXDEPTH) {
+            BIO_puts(bp, "BAD RECURSION DEPTH\n");
+            goto end;
+    }
+
      p = *pp;
      tot = p + length;
      op = p - 1;
author	Dr. Stephen Henson <steve@openssl.org>
	Thu, 3 Sep 2015 13:27:19 +0000 (14:27 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 24 Nov 2015 15:31:05 +0000 (15:31 +0000)