boringssl

History

David Benjamin 2d05568a7b Fix out-of-memory condition in conf. conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion. Credit to OSS-Fuzz for finding this problem. (Imported from upstream's 6a6213556a80ab0a9eb926a1d6023b8bf44f2afd. This also import's upstream's ee1ccd0a41ad068957fe65ba7521e593b51bbad4 which we had previously missed.) Change-Id: I9be06a7e8a062b5adcd00c974a7b245226123563 Reviewed-on: https://boringssl-review.googlesource.com/14316 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	2017-03-21 16:19:22 +00:00
..
openssl	Fix out-of-memory condition in conf.	2017-03-21 16:19:22 +00:00

David Benjamin 2d05568a7b Fix out-of-memory condition in conf.

conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.

Credit to OSS-Fuzz for finding this problem.

(Imported from upstream's 6a6213556a80ab0a9eb926a1d6023b8bf44f2afd. This
also import's upstream's ee1ccd0a41ad068957fe65ba7521e593b51bbad4 which
we had previously missed.)

Change-Id: I9be06a7e8a062b5adcd00c974a7b245226123563
Reviewed-on: https://boringssl-review.googlesource.com/14316
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

2017-03-21 16:19:22 +00:00

openssl

Fix out-of-memory condition in conf.

2017-03-21 16:19:22 +00:00