generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 1930

Browse Source 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Limit size of DTLS record buffer queue.
This commit is contained in:
Dr. Stephen Henson 2009-05-16 16:17:46 +00:00
parent 661d35dfb2
commit 88b48dc680
3 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
crypto/pqueue/pqueue.c
View File

@ -237,3 +237,17 @@ pqueue_next(pitem **item)
return ret; return ret;
} }
int
pqueue_size(pqueue_s *pq)
{
pitem *item = pq->items;
int count = 0;
while(item != NULL)
{
count++;
item = item->next;
}
return count;
}

1
crypto/pqueue/pqueue.h
View File

@ -89,5 +89,6 @@ pitem *pqueue_iterator(pqueue pq);
pitem *pqueue_next(piterator *iter); pitem *pqueue_next(piterator *iter);
void pqueue_print(pqueue pq); void pqueue_print(pqueue pq);
int pqueue_size(pqueue pq);
#endif /* ! HEADER_PQUEUE_H */ #endif /* ! HEADER_PQUEUE_H */

4
ssl/d1_pkt.c
View File

@ -207,6 +207,10 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
DTLS1_RECORD_DATA *rdata; DTLS1_RECORD_DATA *rdata;
pitem *item; pitem *item;
/* Limit the size of the queue to prevent DOS attacks */
if (pqueue_size(queue->q) >= 100)
return 0;
rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
item = pitem_new(priority, rdata); item = pitem_new(priority, rdata);
if (rdata == NULL || item == NULL) if (rdata == NULL || item == NULL)