new upstream release 2.51 with some fixes, see
[openwrt.git] / package / openssl / patches / 900-CVE-2009-1377.patch
1 http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest
2
3 Index: openssl/crypto/pqueue/pqueue.c
4 RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v
5 rcsdiff -q -kk '-r1.2.2.4' '-r1.2.2.5' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.c,v' 2>/dev/null
6 --- pqueue.c 2005/06/28 12:53:33 1.2.2.4
7 +++ pqueue.c 2009/05/16 16:18:44 1.2.2.5
8 @@ -234,3 +234,17 @@
9
10 return ret;
11 }
12 +
13 +int
14 +pqueue_size(pqueue_s *pq)
15 +{
16 + pitem *item = pq->items;
17 + int count = 0;
18 +
19 + while(item != NULL)
20 + {
21 + count++;
22 + item = item->next;
23 + }
24 + return count;
25 +}
26 Index: openssl/crypto/pqueue/pqueue.h
27 RCS File: /v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v
28 rcsdiff -q -kk '-r1.2.2.1' '-r1.2.2.2' -u '/v/openssl/cvs/openssl/crypto/pqueue/pqueue.h,v' 2>/dev/null
29 --- pqueue.h 2005/05/30 22:34:27 1.2.2.1
30 +++ pqueue.h 2009/05/16 16:18:44 1.2.2.2
31 @@ -91,5 +91,6 @@
32 pitem *pqueue_next(piterator *iter);
33
34 void pqueue_print(pqueue pq);
35 +int pqueue_size(pqueue pq);
36
37 #endif /* ! HEADER_PQUEUE_H */
38 Index: openssl/ssl/d1_pkt.c
39 RCS File: /v/openssl/cvs/openssl/ssl/d1_pkt.c,v
40 rcsdiff -q -kk '-r1.4.2.17' '-r1.4.2.18' -u '/v/openssl/cvs/openssl/ssl/d1_pkt.c,v' 2>/dev/null
41 --- d1_pkt.c 2009/05/16 15:51:59 1.4.2.17
42 +++ d1_pkt.c 2009/05/16 16:18:45 1.4.2.18
43 @@ -167,6 +167,10 @@
44 DTLS1_RECORD_DATA *rdata;
45 pitem *item;
46
47 + /* Limit the size of the queue to prevent DOS attacks */
48 + if (pqueue_size(queue->q) >= 100)
49 + return 0;
50 +
51 rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
52 item = pitem_new(priority, rdata);
53 if (rdata == NULL || item == NULL)
This page took 0.044735 seconds and 5 git commands to generate.