[OpenSSL-1.0.2] TNF local patch - CVE-2018-0739 Constructed ASN.1 types with a recursive definition could exceed the stack
Issue #144
resolved
TNF local patch audit
- crypto/asn1/asn1.h
- crypto/asn1/asn1_err.c
- crypto/asn1/tasn_dec.c
original commit message:
http://mail-index.netbsd.org/source-changes/2018/04/18/msg094491.html
Comments (1)
reporter
BUGFIX: Issue #144 - CVE-2018-0739 Constructed ASN.1 types with a recursive definition could exceed the stack
cherry-picked from OpenSSL-1_0_2-stable branch: https://github.com/openssl/openssl/commit/9310d45087ae546e27e61ddf8f6367f29848220d
original commit message:
Limit ASN.1 constructed types recursive definition depth
Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth.
CVE-2018-0739
Credit to OSSFuzz for finding this issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
→ <<cset dd37c1f9c22251ab25d7305df474efe5b2c6d43c>>
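The mitigation the commit message describes, a depth counter carried through the recursive descent into constructed types, shown as an added example that is not the OpenSSL or TNF patch code. All names (`der_walk`, `der_header`, `build_nested`, `MAX_NEST`) and the limit value are assumptions made for this illustration; the walker handles only single-byte tags and definite lengths.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_NEST 30  /* assumed limit for this example */
enum { DER_OK = 0, DER_BAD = -1, DER_TOO_DEEP = -2 };

/* Parse one header (single-byte tag, definite length); returns header size, 0 on error. */
static size_t der_header(const unsigned char *p, size_t n, int *constructed, size_t *len)
{
    size_t k, i;
    if (n < 2 || (p[0] & 0x1f) == 0x1f) return 0;  /* truncated or multi-byte tag */
    *constructed = (p[0] & 0x20) != 0;
    if (p[1] < 0x80) { *len = p[1]; return 2; }    /* short-form length */
    k = p[1] & 0x7f;
    if (k == 0 || k > sizeof(size_t) || n < 2 + k) return 0;  /* indefinite or oversized */
    for (*len = 0, i = 0; i < k; i++)
        *len = (*len << 8) | p[2 + i];
    return 2 + k;
}

/* Walk all elements in buf[0..n); depth counts the enclosing constructed types. */
int der_walk(const unsigned char *buf, size_t n, int depth)
{
    if (depth > MAX_NEST) return DER_TOO_DEEP;  /* stop before the stack is exhausted */
    while (n > 0) {
        int cons, r;
        size_t len, h = der_header(buf, n, &cons, &len);
        if (h == 0 || len > n - h) return DER_BAD;  /* element overruns its parent */
        if (cons && (r = der_walk(buf + h, len, depth + 1)) != DER_OK) return r;
        buf += h + len;
        n -= h + len;
    }
    return DER_OK;
}

/* Constructed input: `levels` nested SEQUENCEs around a NULL; levels <= 63, out >= 128 bytes. */
size_t build_nested(unsigned char *out, size_t levels)
{
    size_t i;
    for (i = 0; i < levels; i++) {
        out[2 * i] = 0x30;                                  /* SEQUENCE, constructed */
        out[2 * i + 1] = (unsigned char)(2 * (levels - i)); /* bytes that follow */
    }
    out[2 * levels] = 0x05;      /* NULL */
    out[2 * levels + 1] = 0x00;
    return 2 * levels + 2;
}

int main(void)
{
    unsigned char b[128];
    size_t d;
    for (d = 29; d <= 32; d++)
        printf("nesting %zu -> %d\n", d, der_walk(b, build_nested(b, d), 0));
    return 0;
}
```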