Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 191677 Details for
Bug 270305
<dev-libs/openssl-0.9.8l DTLS Denial of Service (CVE-2009-{1377,1378,1379,1387})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
openssl-0.9.8-CVE-2009-1378.patch
openssl-0.9.8-CVE-2009-1378.patch (text/plain), 894 bytes, created by
Robert Buchholz (RETIRED)
on 2009-05-18 14:54:42 UTC
(
hide
)
Description:
openssl-0.9.8-CVE-2009-1378.patch
Filename:
MIME Type:
Creator:
Robert Buchholz (RETIRED)
Created:
2009-05-18 14:54:42 UTC
Size:
894 bytes
patch
obsolete
>http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest > >Index: ssl/d1_both.c >=================================================================== >--- ssl/d1_both.c.orig >+++ ssl/d1_both.c >@@ -561,7 +561,16 @@ dtls1_process_out_of_seq_message(SSL *s, > if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) > goto err; > >- if (msg_hdr->seq <= s->d1->handshake_read_seq) >+ /* Try to find item in queue, to prevent duplicate entries */ >+ pq_64bit_init(&seq64); >+ pq_64bit_assign_word(&seq64, msg_hdr->seq); >+ item = pqueue_find(s->d1->buffered_messages, seq64); >+ pq_64bit_free(&seq64); >+ >+ /* Discard the message if sequence number was already there, is >+ * too far in the future or the fragment is already in the queue */ >+ if (msg_hdr->seq <= s->d1->handshake_read_seq || >+ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL) > { > unsigned char devnull [256]; >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=191677">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 270305
:
191674
| 191677 |
192323
