Skip to content
Commit c6298139 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Harden ASN.1 BIO handling of large amounts of data.



If the ASN.1 BIO is presented with a large length field read it in
chunks of increasing size checking for EOF on each read. This prevents
small files allocating excessive amounts of data.

CVE-2016-2109

Thanks to Brian Carpenter for reporting this issue.

Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
parent ddc606c9
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment