diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2021-12-09 16:58:45 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2021-12-09 16:58:45 +0000 |
| commit | 03ee4d472802c01dc865f7b484a7352460e6777b (patch) | |
| tree | d710dc427d3fa4cab496498d687aa6258ae87107 /lib | |
| parent | ff2c70b82fe5d1d263e82a153053bf5eb79afd6d (diff) | |
Pull the recursion depth check up to the top of asn1_collect()
ok inoguchi@ tb@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/asn1/tasn_dec.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/lib/libcrypto/asn1/tasn_dec.c b/lib/libcrypto/asn1/tasn_dec.c index b1fb5886c40..aa97bc8f4ef 100644 --- a/lib/libcrypto/asn1/tasn_dec.c +++ b/lib/libcrypto/asn1/tasn_dec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_dec.c,v 1.42 2021/12/09 16:56:15 jsing Exp $ */ +/* $OpenBSD: tasn_dec.c,v 1.43 2021/12/09 16:58:44 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -1020,6 +1020,11 @@ asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf, long plen; char cst, ininf; + if (depth > ASN1_MAX_STRING_NEST) { + ASN1error(ASN1_R_NESTED_ASN1_STRING); + return 0; + } + p = *in; inf &= 1; @@ -1045,10 +1050,6 @@ asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf, /* If indefinite length constructed update max length */ if (cst) { - if (depth >= ASN1_MAX_STRING_NEST) { - ASN1error(ASN1_R_NESTED_ASN1_STRING); - return 0; - } if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1)) return 0; |