author | Patrick Monnerat <patrick@monnerat.net> | 2016-11-24 14:28:39 +0100 |
---|---|---|
committer | Patrick Monnerat <patrick@monnerat.net> | 2016-11-24 14:28:39 +0100 |
commit | 945f60e8a7f08aedb0eede5e3574f1972fc86ec8 (patch) | |
tree | 6a3479b7bdaf88a17f4f915846c1fddaff73873a /lib/x509asn1.h | |
parent | 3e9c0230f45cafb9154bb4fcdc8ff2b51f00701a (diff) | |
download | curl-945f60e8a7f08aedb0eede5e3574f1972fc86ec8.tar.gz |
Limit ASN.1 structure sizes to 256K. Prevent some allocation size overflows.
See CRL-01-006.
Diffstat (limited to 'lib/x509asn1.h')
-rw-r--r-- | lib/x509asn1.h | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/x509asn1.h b/lib/x509asn1.h
index 0f2b9304f..f5c88e8e0 100644
--- a/lib/x509asn1.h
+++ b/lib/x509asn1.h
@@ -8,7 +8,7 @@
 * | (__| |_| | _ <| |___
 * \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -34,6 +34,9 @@
 * Constants.
 */
+/* Largest supported ASN.1 structure. */
+#define CURL_ASN1_MAX ((size_t) 0x40000) /* 256K */
+
 /* ASN.1 classes. */
 #define CURL_ASN1_UNIVERSAL 0
 #define CURL_ASN1_APPLICATION 1
@@ -121,8 +124,8 @@ const char * Curl_getASN1Element(curl_asn1Element * elem,
 const char * beg, const char * end);
 const char * Curl_ASN1tostr(curl_asn1Element * elem, int type);
 const char * Curl_DNtostr(curl_asn1Element * dn);
-void Curl_parseX509(curl_X509certificate * cert,
- const char * beg, const char * end);
+int Curl_parseX509(curl_X509certificate * cert,
+ const char * beg, const char * end);
 CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum,
 const char * beg, const char * end);
 CURLcode Curl_verifyhost(struct connectdata * conn, |
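Review bot: The comment on `CURL_ASN1_MAX` does not say what is being measured or what the parser does with input above the limit, and this header is where most readers will first meet the constant. The checks that enforce it are not visible here (the diff is limited to lib/x509asn1.h), so the wording needs confirming against the parser, but something like `/* Upper bound, in bytes, on any ASN.1 structure the parser accepts; larger input is rejected. */` would state the contract. The `(size_t)` cast also makes the macro depend on `size_t` being declared wherever it is expanded, which is worth checking against the header's includes.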
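Review bot: `Curl_parseX509` now returns `int`, but the prototype has no comment giving the return convention, while its neighbours `Curl_extract_certinfo` and `Curl_verifyhost` return `CURLcode`. Callers written against the old `void` signature still compile without looking at the result, so a certificate that fails parsing could be used with its fields only partly filled in. The call sites are outside this diff and each should be checked. A comment above the prototype such as `/* Returns 0 on success, non-zero if the certificate is malformed or too large; cert must not be used on failure. */` would help, adjusted to the values the function actually returns.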