Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-06-15 10:00:51 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

limited the number of packets to be parsed in a row, to prevent compressed data to contain an enormous number of packets. Fixes one possible attack pointed out by HM

Browse source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7013 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2014-01-14 19:58:55 +00:00
parent 9eaea5de12
commit 2d64e3f540
1 changed files with 18 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

29
openpgpsdk/src/openpgpsdk/packet-parse.c
View file

@ -3229,19 +3229,26 @@ void example()
*/ */
int ops_parse(ops_parse_info_t *pinfo) int ops_parse(ops_parse_info_t *pinfo)
{ {
int r; int r;
unsigned long pktlen; unsigned long pktlen;
int n_packets = 0 ;
do do
// Parse until we get a return code of 0 (error) or -1 (EOF) // Parse until we get a return code of 0 (error) or -1 (EOF)
{ {
r=ops_parse_one_packet(pinfo,&pktlen); r=ops_parse_one_packet(pinfo,&pktlen);
} while (r > 0);
return pinfo->errors ? 0 : 1; if(++n_packets > 100)
return r == -1 ? 0 : 1; {
} fprintf(stderr,"More than 100 packets parsed in a row. This is likely to be a buggy certificate.") ;
return 0 ;
}
} while (r > 0);
return pinfo->errors ? 0 : 1;
return r == -1 ? 0 : 1;
}
/** /**
\ingroup Core_ReadPackets \ingroup Core_ReadPackets