diff options
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/openssl/ossl_asn1.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c index a3e4afe7c7..517212b4d5 100644 --- a/ext/openssl/ossl_asn1.c +++ b/ext/openssl/ossl_asn1.c @@ -895,6 +895,8 @@ int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len, long length, return asn1data; } +#define MAX_NESTING_DEPTH 200 + static VALUE ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth, int yield, long *num_read) @@ -905,6 +907,10 @@ ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth, int tag, tc, j; VALUE asn1data, tag_class; + if (depth > MAX_NESTING_DEPTH) { + ossl_raise(eASN1Error, "nesting depth %d exceeds limit", depth); + } + p = *pp; start = p; p0 = p; |