Limit depth of ASN1 parse printing. (Imported from upstream's d88ef40a1e5c81d0d32b4a431e55f5456e678dd2 and 943c4ca62b3f5a160340d57aecb9413407a06e15.) Change-Id: Idd52aebae6839695be0f3a8a7659adeec6650b98 Reviewed-on: https://boringssl-review.googlesource.com/6556 Reviewed-by: Adam Langley <agl@google.com>

commit: c100ef43790a0f3da3018325fe1486f6fe2558f1 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Tue Nov 24 17:19:12 2015 -0500
committer: Adam Langley <agl@google.com> Tue Dec 15 19:06:04 2015 +0000
tree: f847105f626b4db75f9ee74332246e4f3395bd54
parent: 2205093e7e884d390f05e30202ea7fc2c4eb137c [diff]
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index aff3e2b..e04aa1e 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c

@@ -61,6 +61,8 @@
 #include <openssl/mem.h>
 
 
+#define ASN1_PARSE_MAXDEPTH 128
+
 static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
 	int indent);
 static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
@@ -125,6 +127,13 @@
 #else
 	dump_indent = 6;	/* Because we know BIO_dump_indent() */
 #endif
+
+	if (depth > ASN1_PARSE_MAXDEPTH)
+		{
+		BIO_puts(bp, "BAD RECURSION DEPTH\n");
+		return 0;
+		}
+
 	p= *pp;
 	tot=p+length;
 	op=p-1;
commit	c100ef43790a0f3da3018325fe1486f6fe2558f1	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Tue Nov 24 17:19:12 2015 -0500
committer	Adam Langley <agl@google.com>	Tue Dec 15 19:06:04 2015 +0000
tree	f847105f626b4db75f9ee74332246e4f3395bd54
parent	2205093e7e884d390f05e30202ea7fc2c4eb137c [diff]