Fix out-of-memory condition in conf

conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion. Credit to OSS-Fuzz for finding this problem. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2894)
author: Matt Caswell <matt@openssl.org> 2017-03-10 10:51:35 +0000
committer: Matt Caswell <matt@openssl.org> 2017-03-12 00:19:14 +0000
commit: 8a585601fea1091022034dd14b961c1ecd5916c3 (patch)
tree: 89aabb7a9041e1c7cd13a87265551adb6b469581 /include/openssl
parent: a3b0d466930ec45bc3ddf4c9e853d73d37783f44 (diff)
download: openssl-8a585601fea1091022034dd14b961c1ecd5916c3.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/include/openssl/conf.h b/include/openssl/conf.h
index 462e3c9d39..980a51b157 100644
--- a/include/openssl/conf.h
+++ b/include/openssl/conf.h
@@ -208,6 +208,7 @@ int ERR_load_CONF_strings(void);
 # define CONF_R_NO_VALUE                                  108
 # define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
 # define CONF_R_UNKNOWN_MODULE_NAME                       113
+# define CONF_R_VARIABLE_EXPANSION_TOO_LONG               116
 # define CONF_R_VARIABLE_HAS_NO_VALUE                     104
 
 # ifdef  __cplusplus
author	Matt Caswell <matt@openssl.org>	2017-03-10 10:51:35 +0000
committer	Matt Caswell <matt@openssl.org>	2017-03-12 00:19:14 +0000
commit	8a585601fea1091022034dd14b961c1ecd5916c3 (patch)
tree	89aabb7a9041e1c7cd13a87265551adb6b469581 /include/openssl
parent	a3b0d466930ec45bc3ddf4c9e853d73d37783f44 (diff)
download	openssl-8a585601fea1091022034dd14b961c1ecd5916c3.tar.gz