authorGustavo Zacarias <gustavo@zacarias.com.ar>2009-11-10 13:42:35 -0300
committerPeter Korsgaard <jacmet@sunsite.dk>2009-11-15 23:58:50 +0100
commit48ed49e91d2e5e8b73a7392296f6ef5622a27e11 (patch)
treedfda80a27202fc508a9641089ea55ddc3d52acd3 /package/openssl/openssl-CVE-2009-1377.patch
parent882e137608e2727f485014286bad6cdddc31a198 (diff)
openssl: bump to 0.9.8l + security fixes
Closes #703 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Diffstat (limited to 'package/openssl/openssl-CVE-2009-1377.patch')
-rw-r--r--package/openssl/openssl-CVE-2009-1377.patch45
1 files changed, 45 insertions, 0 deletions
diff --git a/package/openssl/openssl-CVE-2009-1377.patch b/package/openssl/openssl-CVE-2009-1377.patch
new file mode 100644
index 000000000..931370acf
--- /dev/null
+++ b/package/openssl/openssl-CVE-2009-1377.patch
@@ -0,0 +1,45 @@
+diff -Nura openssl-0.9.8l/crypto/pqueue/pqueue.c openssl-0.9.8l-CVE-2009-1377/crypto/pqueue/pqueue.c
+--- openssl-0.9.8l/crypto/pqueue/pqueue.c 2005-06-28 09:53:33.000000000 -0300
++++ openssl-0.9.8l-CVE-2009-1377/crypto/pqueue/pqueue.c 2009-11-10 13:19:42.000000000 -0300
+@@ -234,3 +234,17 @@
+
+ return ret;
+ }
++
++int
++pqueue_size(pqueue_s *pq)
++{
++ pitem *item = pq->items;
++ int count = 0;
++
++ while(item != NULL)
++ {
++ count++;
++ item = item->next;
++ }
++ return count;
++}
+diff -Nura openssl-0.9.8l/crypto/pqueue/pqueue.h openssl-0.9.8l-CVE-2009-1377/crypto/pqueue/pqueue.h
+--- openssl-0.9.8l/crypto/pqueue/pqueue.h 2005-05-30 19:34:27.000000000 -0300
++++ openssl-0.9.8l-CVE-2009-1377/crypto/pqueue/pqueue.h 2009-11-10 13:19:42.000000000 -0300
+@@ -91,5 +91,6 @@
+ pitem *pqueue_next(piterator *iter);
+
+ void pqueue_print(pqueue pq);
++int pqueue_size(pqueue pq);
+
+ #endif /* ! HEADER_PQUEUE_H */
+diff -Nura openssl-0.9.8l/ssl/d1_pkt.c openssl-0.9.8l-CVE-2009-1377/ssl/d1_pkt.c
+--- openssl-0.9.8l/ssl/d1_pkt.c 2009-11-05 12:21:28.000000000 -0300
++++ openssl-0.9.8l-CVE-2009-1377/ssl/d1_pkt.c 2009-11-10 13:19:42.000000000 -0300
+@@ -167,6 +167,10 @@
+ DTLS1_RECORD_DATA *rdata;
+ pitem *item;
+
++ /* Limit the size of the queue to prevent DOS attacks */
++ if (pqueue_size(queue->q) >= 100)
++ return 0;
++
+ rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
+ item = pitem_new(priority, rdata);
+ if (rdata == NULL || item == NULL)
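Review bot: The queue cap in the d1_pkt.c part of this patch is a bare literal, and the full-queue path returns 0 with no error or log, so the limit that bounds memory use can be neither tuned nor observed when it triggers. A named constant would make it auditable, e.g. `#define DTLS1_MAX_BUFFERED_RECORDS 100` (the name is only a suggestion) used as `if (pqueue_size(queue->q) >= DTLS1_MAX_BUFFERED_RECORDS)`, with a comment stating that records beyond the cap are dropped and presumably recovered by DTLS retransmission. The enclosing function starts and ends outside the hunk, so how its callers treat a 0 return cannot be confirmed from here and should be checked before relying on the drop being harmless. The patch file also carries no header naming the upstream change it was taken from; a short description with the source reference would let this backport be compared against upstream.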