diff options
| author | inoguchi <> | 2018-03-29 02:29:24 +0000 |
|---|---|---|
| committer | inoguchi <> | 2018-03-29 02:29:24 +0000 |
| commit | 85b83d75a71cd280d1ffd7aa6bbbbb7154a8ffc4 (patch) | |
| tree | f9b6bdd41ab07ed56e7beeeb034e6db74420d3ea /src/lib/libcrypto/asn1/asn1_err.c | |
| parent | 46b5d933b38b75b127fede5f1fa076d84c7714a1 (diff) | |
| download | openbsd-85b83d75a71cd280d1ffd7aa6bbbbb7154a8ffc4.tar.gz openbsd-85b83d75a71cd280d1ffd7aa6bbbbb7154a8ffc4.tar.bz2 openbsd-85b83d75a71cd280d1ffd7aa6bbbbb7154a8ffc4.zip | |
Limit ASN.1 constructed types recursive definition depth
Fixes for CVE-2018-0739.
Copied from commit below, and modified for adaption to our code.
https://github.com/openssl/openssl/commit/9310d45087ae546e27e61ddf8f6367f29848220d
ok bcook@ beck@ jsing@
Diffstat (limited to 'src/lib/libcrypto/asn1/asn1_err.c')
| -rw-r--r-- | src/lib/libcrypto/asn1/asn1_err.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c index 0c827a9236..5cc355084f 100644 --- a/src/lib/libcrypto/asn1/asn1_err.c +++ b/src/lib/libcrypto/asn1/asn1_err.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: asn1_err.c,v 1.20 2017/01/29 17:49:22 beck Exp $ */ | 1 | /* $OpenBSD: asn1_err.c,v 1.21 2018/03/29 02:29:24 inoguchi Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -150,6 +150,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = { | |||
| 150 | {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"}, | 150 | {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"}, |
| 151 | {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) , "mstring wrong tag"}, | 151 | {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) , "mstring wrong tag"}, |
| 152 | {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) , "nested asn1 string"}, | 152 | {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) , "nested asn1 string"}, |
| 153 | {ERR_REASON(ASN1_R_NESTED_TOO_DEEP) , "nested too deep"}, | ||
| 153 | {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) , "non hex characters"}, | 154 | {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) , "non hex characters"}, |
| 154 | {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) , "not ascii format"}, | 155 | {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) , "not ascii format"}, |
| 155 | {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) , "not enough data"}, | 156 | {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) , "not enough data"}, |