Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
compat-openssl098.6133
openssl-CVE-2009-1377.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2009-1377.patch of Package compat-openssl098.6133
Index: openssl-0.9.8h/crypto/pqueue/pqueue.c =================================================================== --- openssl-0.9.8h.orig/crypto/pqueue/pqueue.c +++ openssl-0.9.8h/crypto/pqueue/pqueue.c @@ -234,3 +234,18 @@ pqueue_next(pitem **item) return ret; } + +int +pqueue_size(pqueue_s *pq) +{ + pitem *item = pq->items; + int count = 0; + + while(item != NULL) + { + count++; + item = item->next; + } + return count; +} + Index: openssl-0.9.8h/crypto/pqueue/pqueue.h =================================================================== --- openssl-0.9.8h.orig/crypto/pqueue/pqueue.h +++ openssl-0.9.8h/crypto/pqueue/pqueue.h @@ -91,5 +91,6 @@ pitem *pqueue_iterator(pqueue pq); pitem *pqueue_next(piterator *iter); void pqueue_print(pqueue pq); +int pqueue_size(pqueue pq); #endif /* ! HEADER_PQUEUE_H */ Index: openssl-0.9.8h/ssl/d1_pkt.c =================================================================== --- openssl-0.9.8h.orig/ssl/d1_pkt.c +++ openssl-0.9.8h/ssl/d1_pkt.c @@ -167,6 +167,10 @@ dtls1_buffer_record(SSL *s, record_pqueu DTLS1_RECORD_DATA *rdata; pitem *item; + /* Limit the size of the queue to prevent DOS attacks */ + if (pqueue_size(queue->q) >= 100) + return 0; + rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); item = pitem_new(priority, rdata); if (rdata == NULL || item == NULL)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor