You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by mi...@apache.org on 2018/09/02 22:31:19 UTC

svn commit: r1839898 - /apr/apr-util/branches/1.7.x/jose/apr_jose_decode.c

Author: minfrin
Date: Sun Sep  2 22:31:19 2018
New Revision: 1839898

URL: http://svn.apache.org/viewvc?rev=1839898&view=rev
Log:
Backport r1839897

Perform nesting level checks before each invocation of apr_jose_decode()
(when a jose structure has been created to carry the error message).

Modified:
    apr/apr-util/branches/1.7.x/jose/apr_jose_decode.c

Modified: apr/apr-util/branches/1.7.x/jose/apr_jose_decode.c
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.7.x/jose/apr_jose_decode.c?rev=1839898&r1=1839897&r2=1839898&view=diff
==============================================================================
--- apr/apr-util/branches/1.7.x/jose/apr_jose_decode.c (original)
+++ apr/apr-util/branches/1.7.x/jose/apr_jose_decode.c Sun Sep  2 22:31:19 2018
@@ -796,6 +796,13 @@ apr_status_t apr_jose_decode_compact(apr
         }
         else {
 
+            if (level <= 0) {
+                apr_errprintf(&(*jose)->result, pool, NULL, 0,
+                        "Syntax error: too many nested JOSE payloads");
+                return APR_EINVAL;
+            }
+            level--;
+
             status = apr_jose_decode(
                     flags & APR_JOSE_FLAG_DECODE_ALL ?
                             &(*jose)->jose.jws->payload : jose, typ, bb, cb,
@@ -1005,6 +1012,13 @@ apr_status_t apr_jose_decode_json_jws(ap
                                 bb->bucket_alloc);
                         APR_BRIGADE_INSERT_TAIL(bb, e);
 
+                        if (level <= 0) {
+                            apr_errprintf(&(*jose)->result, pool, NULL, 0,
+                                    "Syntax error: too many nested JOSE payloads");
+                            return APR_EINVAL;
+                        }
+                        level--;
+
                         status = apr_jose_decode(
                                 flags & APR_JOSE_FLAG_DECODE_ALL ?
                                         &(*jose)->jose.jwe->payload : jose, typ,
@@ -1144,6 +1158,13 @@ apr_status_t apr_jose_decode_json_jws(ap
             bb->bucket_alloc);
     APR_BRIGADE_INSERT_TAIL(bb, e);
 
+    if (level <= 0) {
+        apr_errprintf(&(*jose)->result, pool, NULL, 0,
+                "Syntax error: too many nested JOSE payloads");
+        return APR_EINVAL;
+    }
+    level--;
+
     return apr_jose_decode(
             flags & APR_JOSE_FLAG_DECODE_ALL ?
                     &(*jose)->jose.jws->payload : jose, typ, bb, cb,
@@ -1442,6 +1463,13 @@ apr_status_t apr_jose_decode_json_jwe(ap
 
                     if (decrypt == 1) {
 
+                        if (level <= 0) {
+                            apr_errprintf(&(*jose)->result, pool, NULL, 0,
+                                    "Syntax error: too many nested JOSE payloads");
+                            return APR_EINVAL;
+                        }
+                        level--;
+
                         status = apr_jose_decode(
                                 flags & APR_JOSE_FLAG_DECODE_ALL ?
                                         &(*jose)->jose.jwe->payload : jose, typ,
@@ -1518,6 +1546,13 @@ apr_status_t apr_jose_decode_json_jwe(ap
 
         if (APR_SUCCESS == status) {
 
+            if (level <= 0) {
+                apr_errprintf(&(*jose)->result, pool, NULL, 0,
+                        "Syntax error: too many nested JOSE payloads");
+                return APR_EINVAL;
+            }
+            level--;
+
             return apr_jose_decode(
                     flags & APR_JOSE_FLAG_DECODE_ALL ?
                             &(*jose)->jose.jwe->payload : jose, typ, bb,