boringssl/crypto/asn1
David Benjamin 2a19a17ca7 Limit ASN.1 constructed types recursive definition depth
Constructed types with a recursive definition could eventually exceed
the stack given malicious input with excessive recursion. Therefore we
limit the stack depth.

CVE-2018-0739

Credit to OSSFuzz for finding this issue.

(Imported from upstream's 9310d45087ae546e27e61ddf8f6367f29848220d.)

BoringSSL does not contain any such structures, but import this anyway
with a test.

Change-Id: I0e84578ea795134f25dae2ac8b565f3c26ef3204
Reviewed-on: https://boringssl-review.googlesource.com/26844
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2018-03-27 15:40:37 +00:00
..
a_bitstr.c Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. 2017-09-18 19:16:51 +00:00
a_bool.c
a_d2i_fp.c Remove some dead code from crypto/asn1. 2017-06-09 19:58:38 +00:00
a_dup.c
a_enum.c Fix overflow checks when converting ASN.1 integers to long. 2017-10-27 19:08:08 +00:00
a_gentm.c Fix time offset calculation. 2017-05-03 16:23:16 +00:00
a_i2d_fp.c Add error handling in ASN1_i2d_bio. 2017-11-08 23:20:33 +00:00
a_int.c Fix |ASN1_INTEGER_set| when setting zero. 2018-01-02 16:11:31 +00:00
a_mbstr.c Use uint32_t for unicode code points. 2017-12-08 17:51:34 +00:00
a_object.c Reimplement OBJ_txt2obj and add a lower-level function. 2017-11-27 21:29:00 +00:00
a_octet.c
a_print.c Remove some dead code from crypto/asn1. 2017-06-09 19:58:38 +00:00
a_strnid.c Convert stack.h to use inline functions. 2017-05-22 15:06:04 +00:00
a_time.c Fix potential memory leak in ASN1_TIME_to_generalizedtime() 2017-03-21 18:10:51 +00:00
a_type.c
a_utctm.c Fix time offset calculation. 2017-05-03 16:23:16 +00:00
a_utf8.c Use uint32_t for unicode code points. 2017-12-08 17:51:34 +00:00
asn1_lib.c Switch OPENSSL_VERSION_NUMBER to 1.1.0. 2017-09-29 04:51:27 +00:00
asn1_locl.h Use uint32_t for unicode code points. 2017-12-08 17:51:34 +00:00
asn1_par.c
asn1_test.cc Limit ASN.1 constructed types recursive definition depth 2018-03-27 15:40:37 +00:00
asn_pack.c
charmap.pl
CMakeLists.txt Remove some dead code from crypto/asn1. 2017-06-09 19:58:38 +00:00
f_enum.c
f_int.c
f_string.c
tasn_dec.c Limit ASN.1 constructed types recursive definition depth 2018-03-27 15:40:37 +00:00
tasn_enc.c Remove ASN1_template_(i2d,d2i). 2017-09-15 22:53:43 +00:00
tasn_fre.c asn1_item_embed_new(): don't free an embedded item 2017-10-30 18:51:58 +00:00
tasn_new.c asn1_item_embed_new(): don't free an embedded item 2017-10-30 18:51:58 +00:00
tasn_typ.c
tasn_utl.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
time_support.c Fix miscellaneous clang-tidy warnings. 2017-08-01 20:39:46 +00:00