commit 2bcb3151384b8c117d7b1c260a04b525cd568e0f
author Adam Langley <agl@google.com> Wed Aug 08 08:16:29 2018 -0700
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Aug 08 16:12:50 2018 +0000
tree 794a7103044c5eee4b0817462c470ddcb40ec9ed
parent 6410e18e9190b6b0c71955119fbf3cae1b9eedb7

Limit the number of PBKDF2 iterations when fuzzing.

(Otherwise the fuzzer will discover that it can trigger extremely large
amounts of computation and start timing out.)

BUG=oss-fuzz:9767

Change-Id: Ibc1da5a90da169c7caf522f792530d1020f8cb54
Reviewed-on: https://boringssl-review.googlesource.com/30404
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

crypto/pkcs8/pkcs8_x509.c

diff --git a/crypto/pkcs8/pkcs8_x509.c b/crypto/pkcs8/pkcs8_x509.c
index 5d7178a..811ab16 100644
--- a/crypto/pkcs8/pkcs8_x509.c
+++ b/crypto/pkcs8/pkcs8_x509.c
@@ -669,11 +669,17 @@
       goto err;
     }
 
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+    static const uint64_t kIterationsLimit = 1024;
+#else
+    static const uint64_t kIterationsLimit = UINT_MAX;
+#endif
+
     // The iteration count is optional and the default is one.
     uint64_t iterations = 1;
     if (CBS_len(&mac_data) > 0) {
       if (!CBS_get_asn1_uint64(&mac_data, &iterations) ||
-          iterations > UINT_MAX) {
+          iterations > kIterationsLimit) {
         OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA);
         goto err;
       }