Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 191674 Details for
Bug 270305
<dev-libs/openssl-0.9.8l DTLS Denial of Service (CVE-2009-{1377,1378,1379,1387})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
openssl-0.9.8-CVE-2009-1377.patch
openssl-0.9.8-CVE-2009-1377.patch (text/plain), 1.53 KB, created by
Robert Buchholz (RETIRED)
on 2009-05-18 14:54:01 UTC
(
hide
)
Description:
openssl-0.9.8-CVE-2009-1377.patch
Filename:
MIME Type:
Creator:
Robert Buchholz (RETIRED)
Created:
2009-05-18 14:54:01 UTC
Size:
1.53 KB
patch
obsolete
>http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest > >Index: openssl/crypto/pqueue/pqueue.c >RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v >rcsdiff -q -kk '-r1.2.2.4' '-r1.2.2.5' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v' 2>/dev/null >--- pqueue.c 2005/06/28 12:53:33 1.2.2.4 >+++ pqueue.c 2009/05/16 16:18:44 1.2.2.5 >@@ -234,3 +234,17 @@ > > return ret; > } >+ >+int >+pqueue_size(pqueue_s *pq) >+{ >+ pitem *item = pq->items; >+ int count = 0; >+ >+ while(item != NULL) >+ { >+ count++; >+ item = item->next; >+ } >+ return count; >+} >Index: openssl/crypto/pqueue/pqueue.h >RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v >rcsdiff -q -kk '-r1.2.2.1' '-r1.2.2.2' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v' 2>/dev/null >--- pqueue.h 2005/05/30 22:34:27 1.2.2.1 >+++ pqueue.h 2009/05/16 16:18:44 1.2.2.2 >@@ -91,5 +91,6 @@ > pitem *pqueue_next(piterator *iter); > > void pqueue_print(pqueue pq); >+int pqueue_size(pqueue pq); > > #endif /* ! HEADER_PQUEUE_H */ >Index: openssl/ssl/d1_pkt.c >RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v >rcsdiff -q -kk '-r1.4.2.17' '-r1.4.2.18' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null >--- d1_pkt.c 2009/05/16 15:51:59 1.4.2.17 >+++ d1_pkt.c 2009/05/16 16:18:45 1.4.2.18 >@@ -167,6 +167,10 @@ > DTLS1_RECORD_DATA *rdata; > pitem *item; > >+ /* Limit the size of the queue to prevent DOS attacks */ >+ if (pqueue_size(queue->q) >= 100) >+ return 0; >+ > rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); > item = pitem_new(priority, rdata); > if (rdata == NULL || item == NULL)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=191674">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 270305
: 191674 |
191677
|
192323
