author | Dr. Stephen Henson <steve@openssl.org> | 2009-05-16 16:17:46 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-05-16 16:17:46 +0000 |
commit | 88b48dc68024dcc437da4296c9fb04419b0ccbe1 (patch) | |
tree | 392e81ba55e2579d65d5da2a78d92e914ebc2c48 | |
parent | 661d35dfb20e4f696fb03e373020367f9306f36c (diff) |
PR: 1930
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Limit size of DTLS record buffer queue.
-rw-r--r-- | crypto/pqueue/pqueue.c | 14 | ||||
-rw-r--r-- | crypto/pqueue/pqueue.h | 1 | ||||
-rw-r--r-- | ssl/d1_pkt.c | 4 |
3 files changed, 19 insertions, 0 deletions
diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c
index c20bc6fc96..99a6fb874d 100644
--- a/crypto/pqueue/pqueue.c
+++ b/crypto/pqueue/pqueue.c
@@ -237,3 +237,17 @@ pqueue_next(pitem **item)
 return ret;
 }
+
+int
+pqueue_size(pqueue_s *pq)
+{
+ pitem *item = pq->items;
+ int count = 0;
+
+ while(item != NULL)
+ {
+ count++;
+ item = item->next;
+ }
+ return count;
+}
diff --git a/crypto/pqueue/pqueue.h b/crypto/pqueue/pqueue.h
index 7a293c8584..87fc9037c8 100644
--- a/crypto/pqueue/pqueue.h
+++ b/crypto/pqueue/pqueue.h
@@ -89,5 +89,6 @@ pitem *pqueue_iterator(pqueue pq);
 pitem *pqueue_next(piterator *iter);
 void pqueue_print(pqueue pq);
+int pqueue_size(pqueue pq);
 #endif /* ! HEADER_PQUEUE_H */
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index b53e07d23c..a89edbc7a7 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -207,6 +207,10 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
 DTLS1_RECORD_DATA *rdata;
 pitem *item;
+ /* Limit the size of the queue to prevent DOS attacks */
+ if (pqueue_size(queue->q) >= 100)
+ return 0;
+
 rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
 item = pitem_new(priority, rdata);
 if (rdata == NULL || item == NULL) |
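Review bot: The new pqueue_size() in crypto/pqueue/pqueue.c has no comment stating its cost or its precondition: it walks the whole list on every call and reads `pq->items` without checking `pq`. Since the ssl/d1_pkt.c hunk calls it once per buffered record, a header comment would help the next caller, for example `/* Returns the number of items in pq by walking the list (O(n)); pq must not be NULL. */`. The definition is spelled `pqueue_size(pqueue_s *pq)` while the prototype added to pqueue.h is `int pqueue_size(pqueue pq);`. These are presumably the same type through a typedef not visible on this page, but using the header's spelling in the definition would remove the doubt.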
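Review bot: In the ssl/d1_pkt.c hunk the queue limit is the bare literal `100` in `if (pqueue_size(queue->q) >= 100)`, and the comment does not say what it bounds. The check counts records in the one queue passed in, so it caps the memory a remote peer can make the endpoint hold at about 100 buffered records for each queue this function is called with, not at a byte total. A named constant carrying that rationale would be easier to audit and tune, for example `#define DTLS1_MAX_BUFFERED_RECORDS 100` (suggested name) used as `if (pqueue_size(queue->q) >= DTLS1_MAX_BUFFERED_RECORDS)`. The early `return 0;` drops the record silently, and how callers treat a 0 return is not visible here, so the comment should state that a full queue discards the record. The body of dtls1_buffer_record begins and continues outside this hunk.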