Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
compat-openssl098.4153
openssl-CVE-2009-1378.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2009-1378.patch of Package compat-openssl098.4153
Index: openssl-0.9.8h/ssl/d1_both.c =================================================================== --- openssl-0.9.8h.orig/ssl/d1_both.c +++ openssl-0.9.8h/ssl/d1_both.c @@ -561,7 +561,16 @@ dtls1_process_out_of_seq_message(SSL *s, if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) goto err; - if (msg_hdr->seq <= s->d1->handshake_read_seq) + /* Try to find item in queue, to prevent duplicate entries */ + pq_64bit_init(&seq64); + pq_64bit_assign_word(&seq64, msg_hdr->seq); + item = pqueue_find(s->d1->buffered_messages, seq64); + pq_64bit_free(&seq64); + + /* Discard the message if sequence number was already there, is + * too far in the future or the fragment is already in the queue */ + if (msg_hdr->seq <= s->d1->handshake_read_seq || + msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL) { unsigned char devnull [256];
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor