{"author":"Stefan Eissing","author_email":"stefan@eissing.org","author_time":1738325614,"commit_time":1738609809,"committer":"Daniel Stenberg","committer_email":"daniel@haxx.se","hash":"65fca12e63488c3f8fcaf4146a1b956f7d08c16d","message":"x509asn1: add parse recursion limit\n\nFor ASN.1 tags with indefinite length, curl's own parser for TLS\nbackends that do not support certificate inspection calls itself\nrecursively. A malicious server certificate can then lead to high\nrecursion level exhausting the stack space.\n\nThis PR limits the recursion level to 16 which should be safe on all\narchitectures.\n\nAdded unit test 1657 to verify behaviour.\n\nFixes #16135\nReported-by: z2_\nCloses #16137\n","parents":["dc3252bedd7e0cc42b0b2381a2b7d107db7c62c0"],"tree_hash":"6de5aa15eadf3d7600f39f52d9e5f055292c830d"}