path: root/src/lib/libc/crypt/cryptutil.c
author tb <> 2019-04-13 18:42:23 +0000
committer tb <> 2019-04-13 18:42:23 +0000
commit 7f8c02610499bcbf5898ab3d890458cf367c8866
tree 68e67bf426c34e0c27c2e29dd3cdb3c9e1f11494 /src/lib/libc/crypt/cryptutil.c
parent d780f0b3af2df25277b17867d909cd85c0476369
Avoid quadratic behavior of decimal BIGNUM conversion

The complexity of BN_bn2dec(bn) is quadratic in the length of bn. This function is used for printing numbers in CRLs which are typically small. If a BN is larger than 127 bits, dump it as hex because that's cheap and for numbers this size not significantly harder for humans to parse.

OpenSSL commit 10a3195fcf7d04ba519651cf12e945a8fe470a3c by David Benjamin (still under the old licence), but significantly simplified.

Ideally, we would catch excessively large numbers on deserialization, but that is made trickier by the templated ASN1. Erroring out is also not an option since the relevant part of the x509v3/ directory doesn't like to do proper error checking (looking at you v2i and i2v).

Timeout found by oss-fuzz, should fix issues #13823 and #14130.

input & ok jsing
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions
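
The threshold rule from the commit message, as an added example that is not OpenBSD's or OpenSSL's code: decimal for values up to 127 bits, hex above that. It assumes unsigned big-endian byte strings in place of BIGNUM; the names `be_bits`, `be_to_dec`, `be_to_hex`, `num_to_string` and `DEC_MAX_BITS` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DEC_MAX_BITS 127 /* threshold named in the commit message */
/* Bit length of an unsigned big-endian magnitude (hypothetical helper). */
static size_t be_bits(const unsigned char *b, size_t n) {
    for (size_t i = 0; i < n * 8; i++)
        if (b[i / 8] & (0x80 >> (i % 8))) return n * 8 - i;
    return 0;
}
/* Schoolbook decimal: one pass over all n bytes per digit, so O(n^2). */
static char *be_to_dec(const unsigned char *b, size_t n) {
    size_t cap = 3 * n + 2, pos = cap - 1; /* at most 3 digits per byte + NUL */
    unsigned char *tmp = malloc(n + 1);
    char *out = malloc(cap);
    unsigned rem, more;
    if (!tmp || !out) { free(tmp); free(out); return NULL; }
    memcpy(tmp, b, n);
    out[pos] = '\0';
    do {
        rem = more = 0;
        for (size_t i = 0; i < n; i++) { /* divide the whole number by 10 */
            unsigned cur = rem * 256 + tmp[i];
            more |= (tmp[i] = (unsigned char)(cur / 10));
            rem = cur % 10;
        }
        out[--pos] = (char)('0' + rem);
    } while (more);
    memmove(out, out + pos, cap - pos);
    free(tmp);
    return out;
}
/* Hex: one pass, two characters per byte, so O(n). */
static char *be_to_hex(const unsigned char *b, size_t n) {
    char *out = malloc(2 * n + 3);
    if (out) memcpy(out, "0x", 3);
    for (size_t i = 0; out && i < n; i++) snprintf(out + 2 + 2 * i, 3, "%02X", b[i]);
    return out;
}
/* Decimal only while it is cheap, hex above the threshold; caller frees. */
static char *num_to_string(const unsigned char *b, size_t n) {
    return be_bits(b, n) > DEC_MAX_BITS ? be_to_hex(b, n) : be_to_dec(b, n);
}
int main(void) {
    unsigned char lo[] = {0x01, 0x00}, hi[16] = {0x80}; /* constructed: 256, 2^127 */
    char *a = num_to_string(lo, 2), *b = num_to_string(hi, 16);
    if (a && b) printf("%s\n%s\n", a, b);
    free(a); free(b);
}
```

The largest value still printed in decimal is 2^127 - 1 (39 digits), which bounds the quadratic path no matter how large the input is.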