| http://rt.openssl.org/Ticket/Display.html?id=1931&user=guest&pass=guest |
| |
| Index: ssl/d1_both.c |
| =================================================================== |
| --- ssl/d1_both.c.orig |
| +++ ssl/d1_both.c |
| @@ -561,7 +561,16 @@ dtls1_process_out_of_seq_message(SSL *s, |
| if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) |
| goto err; |
| |
| - if (msg_hdr->seq <= s->d1->handshake_read_seq) |
| + /* Try to find item in queue, to prevent duplicate entries */ |
| + pq_64bit_init(&seq64); |
| + pq_64bit_assign_word(&seq64, msg_hdr->seq); |
| + item = pqueue_find(s->d1->buffered_messages, seq64); |
| + pq_64bit_free(&seq64); |
| + |
| + /* Discard the message if sequence number was already there, is |
| + * too far in the future or the fragment is already in the queue */ |
| + if (msg_hdr->seq <= s->d1->handshake_read_seq || |
| + msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL) |
| { |
| unsigned char devnull [256]; |
| |