CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth

Add maximum parse tree depth to the call to asn1_init, which will be used to limit the depth of the ASN.1 parse tree. Credit to OSS-Fuzz REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Gary Lockyer <gary@catalyst.net.nz> 2020-04-03 12:18:03 +1300
committer: Gary Lockyer <gary@samba.org> 2020-05-04 02:59:31 +0000
commit: f467727db5ff6a6e58d9b590e4d443a1d974b679 (patch)
tree: 9269acc0655bcfee4676215c85f8c2ad79ef2744 /lib/util/tests
parent: 62621bd686a91328ae378cd56f9876c66be8eac4 (diff)
download: samba-f467727db5ff6a6e58d9b590e4d443a1d974b679.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/util/tests/asn1_tests.c b/lib/util/tests/asn1_tests.c
index e4b386ad785..ab5262c4ffb 100644
--- a/lib/util/tests/asn1_tests.c
+++ b/lib/util/tests/asn1_tests.c
@@ -330,7 +330,7 @@ static bool test_asn1_Integer(struct torture_context *tctx)
 		DATA_BLOB blob;
 		int val;
 
-		data = asn1_init(mem_ctx);
+		data = asn1_init(mem_ctx, ASN1_MAX_TREE_DEPTH);
 		if (!data) {
 			goto err;
 		}
author	Gary Lockyer <gary@catalyst.net.nz>	2020-04-03 12:18:03 +1300
committer	Gary Lockyer <gary@samba.org>	2020-05-04 02:59:31 +0000
commit	f467727db5ff6a6e58d9b590e4d443a1d974b679 (patch)
tree	9269acc0655bcfee4676215c85f8c2ad79ef2744 /lib/util/tests
parent	62621bd686a91328ae378cd56f9876c66be8eac4 (diff)
download	samba-f467727db5ff6a6e58d9b590e4d443a1d974b679.tar.gz