boringssl/crypto/err
David Benjamin 2a19a17ca7 Limit ASN.1 constructed types recursive definition depth
Constructed types with a recursive definition could eventually exceed
the stack given malicious input with excessive recursion. Therefore we
limit the stack depth.

CVE-2018-0739

Credit to OSSFuzz for finding this issue.

(Imported from upstream's 9310d45087ae546e27e61ddf8f6367f29848220d.)

BoringSSL does not contain any such structures, but import this anyway
with a test.

Change-Id: I0e84578ea795134f25dae2ac8b565f3c26ef3204
Reviewed-on: https://boringssl-review.googlesource.com/26844
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-03-27 15:40:37 +00:00
..
asn1.errordata Limit ASN.1 constructed types recursive definition depth 2018-03-27 15:40:37 +00:00
bio.errordata
bn.errordata
cipher.errordata Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
CMakeLists.txt
conf.errordata
dh.errordata
digest.errordata
dsa.errordata
ec.errordata Make ECDSA signing 10% faster and plug some timing leaks. 2017-11-22 22:51:40 +00:00
ecdh.errordata
ecdsa.errordata
engine.errordata
err_data_generate.go
err_test.cc Add the ability to save and restore the error state. 2017-10-09 21:43:13 +00:00
err.c Add the ability to save and restore the error state. 2017-10-09 21:43:13 +00:00
evp.errordata Implement scrypt from RFC 7914. 2017-06-12 20:32:21 +00:00
hkdf.errordata
internal.h Add the ability to save and restore the error state. 2017-10-09 21:43:13 +00:00
obj.errordata Reimplement OBJ_txt2obj and add a lower-level function. 2017-11-27 21:29:00 +00:00
pem.errordata
pkcs7.errordata
pkcs8.errordata
rsa.errordata
ssl.errordata Push an error if custom private keys fail. 2018-02-01 21:43:42 +00:00
x509.errordata
x509v3.errordata