OpenSSL    
 Tarballs |  License |  Contribution |  Repository |  Mirror |  GitWeb |  CVS (Legacy) 
 
Title
FAQ
About
News
Documents
Source
Support
Related
Security

 

CVS Web Interface

openssl - Check-in [18187]
Not logged in
[Browse]  [Home]  [Login]  [Reports]  [Search]  [Timeline
  [Patchset]  [Tagging/Branching
Check-in Number: 18187
Date: 2009-May-16 18:18:44 (local)
2009-May-16 16:18:44 (UTC)
User:steve
Branch:OpenSSL_0_9_8-stable
Comment: Update from 1.0.0-stable.
Tickets:
Inspections:
Files:
openssl/crypto/pqueue/pqueue.c      1.2.2.4 -> 1.2.2.5     14 inserted, 0 deleted
openssl/crypto/pqueue/pqueue.h      1.2.2.1 -> 1.2.2.2     1 inserted, 0 deleted
openssl/ssl/d1_pkt.c      1.4.2.17 -> 1.4.2.18     4 inserted, 0 deleted

openssl/crypto/pqueue/pqueue.c 1.2.2.4 -> 1.2.2.5
--- pqueue.c	2005/06/28 12:53:33	1.2.2.4
+++ pqueue.c	2009/05/16 16:18:44	1.2.2.5
@@ -234,3 +234,17 @@
 
 	return ret;
 	}
+
+int
+pqueue_size(pqueue_s *pq)
+{
+	pitem *item = pq->items;
+	int count = 0;
+	
+	while(item != NULL)
+	{
+		count++;
+		item = item->next;
+	}
+	return count;
+}

openssl/crypto/pqueue/pqueue.h 1.2.2.1 -> 1.2.2.2
--- pqueue.h	2005/05/30 22:34:27	1.2.2.1
+++ pqueue.h	2009/05/16 16:18:44	1.2.2.2
@@ -91,5 +91,6 @@
 pitem *pqueue_next(piterator *iter);
 
 void   pqueue_print(pqueue pq);
+int    pqueue_size(pqueue pq);
 
 #endif /* ! HEADER_PQUEUE_H */

openssl/ssl/d1_pkt.c 1.4.2.17 -> 1.4.2.18
--- d1_pkt.c	2009/05/16 15:51:59	1.4.2.17
+++ d1_pkt.c	2009/05/16 16:18:45	1.4.2.18
@@ -167,6 +167,10 @@
     DTLS1_RECORD_DATA *rdata;
 	pitem *item;
 
+	/* Limit the size of the queue to prevent DOS attacks */
+	if (pqueue_size(queue->q) >= 100)
+		return 0;
+		
 	rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
 	item = pitem_new(priority, rdata);
 	if (rdata == NULL || item == NULL)
____
Web Interface for the OpenSSL CVS Repository
Based on CVSTrac.