projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ddc606c) | patch
Harden ASN.1 BIO handling of large amounts of data.
authorDr. Stephen Henson <steve@openssl.org>
Mon, 11 Apr 2016 12:57:20 +0000 (13:57 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 22 Apr 2016 23:26:43 +0000 (00:26 +0100)
commitc62981390d6cf9e3d612c489b8b77c2913b25807
tree9b9c694270edbf0b45ee918c7f47d84713cb3e40tree | snapshot
parentddc606c914e72e770dbe8293a65585b7c3017bbacommit | diff
Harden ASN.1 BIO handling of large amounts of data.

If the ASN.1 BIO is presented with a large length field read it in
chunks of increasing size checking for EOF on each read. This prevents
small files allocating excessive amounts of data.

CVE-2016-2109

Thanks to Brian Carpenter for reporting this issue.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
crypto/asn1/a_d2i_fp.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.