[Pkg-openssl-changes] r400 - in openssl/branches/etch: crypto/pqueue debian ssl
Kurt Roeckx
kroeckx at alioth.debian.org
Mon Jun 1 13:33:52 UTC 2009
Author: kroeckx
Date: 2009-06-01 13:33:51 +0000 (Mon, 01 Jun 2009)
New Revision: 400
Modified:
openssl/branches/etch/crypto/pqueue/pqueue.c
openssl/branches/etch/crypto/pqueue/pqueue.h
openssl/branches/etch/debian/changelog
openssl/branches/etch/ssl/d1_pkt.c
Log:
Fix "DTLS record buffer limitation bug." (CVE-2009-1377)
Modified: openssl/branches/etch/crypto/pqueue/pqueue.c
===================================================================
--- openssl/branches/etch/crypto/pqueue/pqueue.c 2009-06-01 13:32:16 UTC (rev 399)
+++ openssl/branches/etch/crypto/pqueue/pqueue.c 2009-06-01 13:33:51 UTC (rev 400)
@@ -234,3 +234,17 @@
return ret;
}
+
+int
+pqueue_size(pqueue_s *pq)
+{
+ pitem *item = pq->items;
+ int count = 0;
+
+ while(item != NULL)
+ {
+ count++;
+ item = item->next;
+ }
+ return count;
+}
Modified: openssl/branches/etch/crypto/pqueue/pqueue.h
===================================================================
--- openssl/branches/etch/crypto/pqueue/pqueue.h 2009-06-01 13:32:16 UTC (rev 399)
+++ openssl/branches/etch/crypto/pqueue/pqueue.h 2009-06-01 13:33:51 UTC (rev 400)
@@ -91,5 +91,6 @@
pitem *pqueue_next(piterator *iter);
void pqueue_print(pqueue pq);
+int pqueue_size(pqueue pq);
#endif /* ! HEADER_PQUEUE_H */
Modified: openssl/branches/etch/debian/changelog
===================================================================
--- openssl/branches/etch/debian/changelog 2009-06-01 13:32:16 UTC (rev 399)
+++ openssl/branches/etch/debian/changelog 2009-06-01 13:33:51 UTC (rev 400)
@@ -1,3 +1,9 @@
+openssl (0.9.8c-4etch6) oldstable-security; urgency=low
+
+ * Fix "DTLS record buffer limitation bug." (CVE-2009-1377)
+
+ -- Kurt Roeckx <kurt at roeckx.be> Mon, 01 Jun 2009 15:32:47 +0200
+
openssl (0.9.8c-4etch5) oldstable-security; urgency=low
* Properly validate the length of an encoded BMPString and UniversalString
Modified: openssl/branches/etch/ssl/d1_pkt.c
===================================================================
--- openssl/branches/etch/ssl/d1_pkt.c 2009-06-01 13:32:16 UTC (rev 399)
+++ openssl/branches/etch/ssl/d1_pkt.c 2009-06-01 13:33:51 UTC (rev 400)
@@ -166,6 +166,10 @@
DTLS1_RECORD_DATA *rdata;
pitem *item;
+ /* Limit the size of the queue to prevent DOS attacks */
+ if (pqueue_size(queue->q) >= 100)
+ return 0;
+
rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
item = pitem_new(priority, rdata);
if (rdata == NULL || item == NULL)
More information about the Pkg-openssl-changes
mailing list