projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a3b0d46) | patch
Fix out-of-memory condition in conf
authorMatt Caswell <matt@openssl.org>
Fri, 10 Mar 2017 10:51:35 +0000 (10:51 +0000)
committerMatt Caswell <matt@openssl.org>
Sun, 12 Mar 2017 00:19:14 +0000 (00:19 +0000)
commit8a585601fea1091022034dd14b961c1ecd5916c3
tree89aabb7a9041e1c7cd13a87265551adb6b469581tree | snapshot
parenta3b0d466930ec45bc3ddf4c9e853d73d37783f44commit | diff
Fix out-of-memory condition in conf

conf has the ability to expand variables in config files. Repeatedly doing
this can lead to an exponential increase in the amount of memory required.
This places a limit on the length of a value that can result from an
expansion.

Credit to OSS-Fuzz for finding this problem.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2894)
crypto/conf/conf_def.c diff | blob | history
crypto/conf/conf_err.c diff | blob | history
doc/man5/config.pod diff | blob | history
fuzz/corpora/conf/0d7ad6e04c0235cdc590756ceec867a05cff5823 [new file with mode: 0644] blob
include/openssl/conf.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.