mirror of
https://github.com/curl/curl.git
synced 2025-04-18 16:30:45 +08:00
For ASN.1 tags with indefinite length, curl's own parser for TLS backends that do not support certificate inspection calls itself recursively. A malicious server certificate can then lead to high recursion level exhausting the stack space.

This PR limits the recursion level to 16 which should be safe on all architectures.

Added unit test 1657 to verify behaviour.

Fixes #16135
Reported-by: z2_
Closes #16137
23 lines
238 B
Plaintext
<testcase>
<info>
<keywords>
unittest
Curl_x509_getASN1Element
</keywords>
</info>

#
# Client-side
<client>
<server>
none
</server>
<features>
unittest
</features>
<name>
Curl_x509_getASN1Element unit tests
</name>
</client>
</testcase>
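The recursion cap described in the commit message, shown as an added C example that is not curl's code: a small BER element walker that descends into indefinite-length constructed elements and refuses to nest deeper than 16 levels. The names `skip_element`, `nested_ok` and `MAX_DEPTH` are hypothetical and the input bytes are constructed; only the limit of 16 comes from the page.

```c
#include <stdio.h>
#include <string.h>
#define MAX_DEPTH 16   /* nesting limit stated in the commit message */
/* Hypothetical minimal BER walker (not curl's code): returns the address just
   past one element, or NULL if malformed or nested MAX_DEPTH levels deep. */
static const unsigned char *skip_element(const unsigned char *p,
                                         const unsigned char *end, int depth)
{
  unsigned char tag, lb;
  size_t len = 0;
  if(depth >= MAX_DEPTH || end - p < 2) return NULL;  /* cap checked first */
  tag = *p++;
  lb = *p++;
  if(lb == 0x80) {                   /* indefinite length */
    if(!(tag & 0x20)) return NULL;   /* only constructed types may use it */
    while(end - p >= 2) {
      if(!p[0] && !p[1]) return p + 2;       /* end-of-contents 00 00 */
      p = skip_element(p, end, depth + 1);   /* child: one level deeper */
      if(!p) return NULL;
    }
    return NULL;                     /* input ended before 00 00 */
  }
  if(lb & 0x80) {                    /* long form: low 7 bits = octet count */
    unsigned int n = lb & 0x7f;
    if(n > sizeof(len) || (size_t)(end - p) < n) return NULL;
    while(n--) len = (len << 8) | *p++;
  }
  else
    len = lb;
  return len > (size_t)(end - p) ? NULL : p + len;
}

/* Constructed input: `levels` nested indefinite-length SEQUENCEs (30 80),
   each closed by 00 00. Returns 1 if the walker accepts it, else 0. */
static int nested_ok(size_t levels)
{
  static unsigned char buf[4096];
  if(levels * 4 > sizeof(buf)) return 0;
  memset(buf, 0, sizeof(buf));
  for(size_t i = 0; i < 2 * levels; i++)
    buf[i] = (i & 1) ? 0x80 : 0x30;
  return skip_element(buf, buf + 4 * levels, 0) == buf + 4 * levels;
}

int main(void)
{
  printf("16 levels: %d, 17 levels: %d\n", nested_ok(16), nested_ok(17));
  return 0;
}
```

Without the `depth` check, the number of stack frames is chosen by whoever supplies the bytes: every `30 80` pair in the input costs two bytes and adds one frame.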