swh:1:snp:dc2a5002442a00b1c0eda7c65d04ea7455e166cd
Revision 9871417fb74dca48ea1dc85ae666a6529d113ff8 authored by Adam Langley on 06 June 2014, 21:30:33 UTC, committed by Matt Caswell on 06 August 2014, 19:27:51 UTC
The |pqueue_insert| function can fail if one attempts to insert a duplicate sequence number. When handling a fragment of an out of sequence message, |dtls1_process_out_of_seq_message| would not call |dtls1_reassemble_fragment| if the fragment's length was zero. It would then allocate a fresh fragment and attempt to insert it, but ignore the return value, leaking the fragment. This allows an attacker to exhaust the memory of a DTLS peer. Fixes CVE-2014-3507 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
1 parent fc7804e
Tip revision: 0fdf965bf0b1f87d4a5d52c71994ffdda5235718 authored by Neil Horman on 11 September 2024, 13:53:49 UTC
review fixups for quic-hq-interop
review fixups for quic-hq-interop
Tip revision: 0fdf965
| File | Mode | Size |
|---|---|---|
| MacOS | ||
| Netware | ||
| VMS | ||
| apps | ||
| bugs | ||
| certs | ||
| crypto | ||
| demos | ||
| doc | ||
| engines | ||
| include | ||
| ms | ||
| os2 | ||
| perl | ||
| shlib | ||
| ssl | ||
| test | ||
| times | ||
| tools | ||
| util | ||
| .cvsignore | -rw-r--r-- | 193 bytes |
| .gitignore | -rw-r--r-- | 1.0 KB |
| ACKNOWLEDGMENTS | -rw-r--r-- | 1.0 KB |
| CHANGES | -rw-r--r-- | 435.0 KB |
| CHANGES.SSLeay | -rw-r--r-- | 41.7 KB |
| Configure | -rwxr-xr-x | 103.6 KB |
| FAQ | -rw-r--r-- | 45.4 KB |
| INSTALL | -rw-r--r-- | 14.3 KB |
| INSTALL.DJGPP | -rw-r--r-- | 2.0 KB |
| INSTALL.MacOS | -rw-r--r-- | 3.2 KB |
| INSTALL.NW | -rw-r--r-- | 18.4 KB |
| INSTALL.OS2 | -rw-r--r-- | 744 bytes |
| INSTALL.VMS | -rw-r--r-- | 10.7 KB |
| INSTALL.W32 | -rw-r--r-- | 11.6 KB |
| INSTALL.W64 | -rw-r--r-- | 2.1 KB |
| INSTALL.WCE | -rw-r--r-- | 3.2 KB |
| LICENSE | -rw-r--r-- | 6.1 KB |
| Makefile.org | -rw-r--r-- | 23.6 KB |
| Makefile.shared | -rw-r--r-- | 21.4 KB |
| NEWS | -rw-r--r-- | 30.3 KB |
| PROBLEMS | -rw-r--r-- | 8.5 KB |
| README | -rw-r--r-- | 8.9 KB |
| README.ASN1 | -rw-r--r-- | 7.5 KB |
| README.ENGINE | -rw-r--r-- | 15.7 KB |
| TABLE | -rw-r--r-- | 155.1 KB |
| config | -rwxr-xr-x | 27.7 KB |
| e_os.h | -rw-r--r-- | 23.0 KB |
| e_os2.h | -rw-r--r-- | 10.2 KB |
| install.com | -rw-r--r-- | 3.6 KB |
| makevms.com | -rwxr-xr-x | 38.8 KB |
| openssl.doxy | -rw-r--r-- | 137 bytes |
| openssl.spec | -rw-r--r-- | 7.7 KB |
Computing file changes ...
