Merge pull request #4540 from mrezai/openssl-1.0.2h

Update OpenSSL to 1.0.2h
author: Rémi Verschelde <remi@verschelde.fr> 2016-05-04 08:35:35 +0200
committer: Rémi Verschelde <remi@verschelde.fr> 2016-05-04 08:35:35 +0200
commit: 3279ad79c3dcecbb2c5c001775d7a28f982e0955 (patch)
tree: 2511b58f7b1b50fc0b9b84efa1c29fe25bd7876b /drivers/builtin_openssl2/crypto/asn1/x_name.c
parent: 6a4b62e72069f7c96f8b7cb9b7855da0bbd84b63 (diff)
parent: ab623c923d4e2c950342aec5da371cb92b1fbbc6 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/drivers/builtin_openssl2/crypto/asn1/x_name.c b/drivers/builtin_openssl2/crypto/asn1/x_name.c
index 737c426f2d..a858c2993b 100644
--- a/drivers/builtin_openssl2/crypto/asn1/x_name.c
+++ b/drivers/builtin_openssl2/crypto/asn1/x_name.c
@@ -66,6 +66,13 @@
 typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
 DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
 
+/*
+ * Maximum length of X509_NAME: much larger than anything we should
+ * ever see in practice.
+ */
+
+#define X509_NAME_MAX (1024 * 1024)
+
 static int x509_name_ex_d2i(ASN1_VALUE **val,
                             const unsigned char **in, long len,
                             const ASN1_ITEM *it,
@@ -192,6 +199,10 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
     int i, j, ret;
     STACK_OF(X509_NAME_ENTRY) *entries;
     X509_NAME_ENTRY *entry;
+    if (len > X509_NAME_MAX) {
+        ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
+        return 0;
+    }
     q = p;
 
     /* Get internal representation of Name */
author	Rémi Verschelde <remi@verschelde.fr>	2016-05-04 08:35:35 +0200
committer	Rémi Verschelde <remi@verschelde.fr>	2016-05-04 08:35:35 +0200
commit	3279ad79c3dcecbb2c5c001775d7a28f982e0955 (patch)
tree	2511b58f7b1b50fc0b9b84efa1c29fe25bd7876b /drivers/builtin_openssl2/crypto/asn1/x_name.c
parent	6a4b62e72069f7c96f8b7cb9b7855da0bbd84b63 (diff)
parent	ab623c923d4e2c950342aec5da371cb92b1fbbc6 (diff)