boringssl/crypto/err
David Benjamin 2a19a17ca7 Limit ASN.1 constructed types recursive definition depth
Constructed types with a recursive definition could eventually exceed
the stack given malicious input with excessive recursion. Therefore we
limit the stack depth.

CVE-2018-0739

Credit to OSSFuzz for finding this issue.

(Imported from upstream's 9310d45087ae546e27e61ddf8f6367f29848220d.)

BoringSSL does not contain any such structures, but import this anyway
with a test.

Change-Id: I0e84578ea795134f25dae2ac8b565f3c26ef3204
Reviewed-on: https://boringssl-review.googlesource.com/26844
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-03-27 15:40:37 +00:00
..
asn1.errordata Limit ASN.1 constructed types recursive definition depth 2018-03-27 15:40:37 +00:00
bio.errordata Get rid of err function codes. 2015-07-16 02:02:08 +00:00
bn.errordata Update BN_enhanced_miller_rabin_primality_test to enforce preconditions and accept BN_prime_checks. 2017-04-21 22:24:01 +00:00
cipher.errordata Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
CMakeLists.txt Move PKCS#7 functions into their own directory. 2017-04-19 17:24:51 +00:00
conf.errordata Fix out-of-memory condition in conf. 2017-03-21 16:19:22 +00:00
dh.errordata Reimplement PKCS #3 DH parameter parsing with crypto/bytestring. 2016-05-09 19:36:41 +00:00
digest.errordata Decouple PKCS#12 hash lookup from the OID table. 2017-03-25 21:22:50 +00:00
dsa.errordata Reimplement DSA parsing logic with crypto/asn1. 2016-02-17 00:26:01 +00:00
ec.errordata Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00
ecdh.errordata Get rid of err function codes. 2015-07-16 02:02:08 +00:00
ecdsa.errordata Get rid of err function codes. 2015-07-16 02:02:08 +00:00
engine.errordata Get rid of err function codes. 2015-07-16 02:02:08 +00:00
err_data_generate.go Make err_data_generator.go silent by default. 2016-04-18 19:42:15 +00:00
err_test.cc Add the ability to save and restore the error state. 2017-10-09 21:43:13 +00:00
err.c Add the ability to save and restore the error state. 2017-10-09 21:43:13 +00:00
evp.errordata Implement scrypt from RFC 7914. 2017-06-12 20:32:21 +00:00
hkdf.errordata Get rid of err function codes. 2015-07-16 02:02:08 +00:00
internal.h Add the ability to save and restore the error state. 2017-10-09 21:43:13 +00:00
obj.errordata Reimplement OBJ_txt2obj and add a lower-level function. 2017-11-27 21:29:00 +00:00
pem.errordata Get rid of err function codes. 2015-07-16 02:02:08 +00:00
pkcs7.errordata Move PKCS#7 functions into their own directory. 2017-04-19 17:24:51 +00:00
pkcs8.errordata Update pkcs8 error data. 2017-03-23 15:07:28 +00:00
rsa.errordata Add RSA_check_fips to support public key validation checks. 2017-04-12 20:00:30 +00:00
ssl.errordata Push an error if custom private keys fail. 2018-02-01 21:43:42 +00:00
x509.errordata Teach crypto/x509 how to verify an Ed25519 signature. 2017-04-05 23:35:30 +00:00
x509v3.errordata Get rid of err function codes. 2015-07-16 02:02:08 +00:00