tnozaki / NetBSD / issues / #144 - [OpenSSL-1.0.2] TNF local patch - CVE-2018-0739 Constructed ASN.1 types with a recursive definition could exceed the stack

Takehiko NOZAKI reporter

BUGFIX: Issue ~~#144~~ - CVE-2018-0739 Constructed ASN.1 types with a recursive definition could exceed the stack

cherry-picked from OpenSSL-1_0_2-stable branch: https://github.com/openssl/openssl/commit/9310d45087ae546e27e61ddf8f6367f29848220d

original commit message:

Limit ASN.1 constructed types recursive definition depth

Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth.

CVE-2018-0739

Credit to OSSFuzz for finding this issue.

Reviewed-by: Rich Salz rsalz@openssl.org

→ <<cset dd37c1f9c22251ab25d7305df474efe5b2c6d43c>>

2019-07-23T14:42:20+00:00

Comments (1)

Takehiko NOZAKI reporter
BUGFIX: Issue ~~#144~~ - CVE-2018-0739 Constructed ASN.1 types with a recursive definition could exceed the stack

cherry-picked from OpenSSL-1_0_2-stable branch: https://github.com/openssl/openssl/commit/9310d45087ae546e27e61ddf8f6367f29848220d

original commit message:

Limit ASN.1 constructed types recursive definition depth

Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth.

CVE-2018-0739

Credit to OSSFuzz for finding this issue.

Reviewed-by: Rich Salz rsalz@openssl.org

→ <<cset dd37c1f9c22251ab25d7305df474efe5b2c6d43c>>
- 2019-07-23T14:42:20+00:00
Log in to comment