SECURITY: Fix potential denial of service attack against PostSRSd
I discovered that PostSRSd could be tricked into consuming a lot of CPU
time with an SRS address that has an excessively long time stamp tag,
e.g.

SRS0=HHHH=TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT=0@example.com
roehling committed Dec 12, 2020
1 parent 6f6b9ba commit 4733fb1
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions srs2.c
@@ -230,6 +230,7 @@ srs_timestamp_check(srs_t *srs, const char *stamp)
time_t now;
time_t then;

if (strlen(stamp) != 2) return SRS_ETIMESTAMPOUTOFDATE;
/* We had better go around this loop exactly twice! */
then = 0;
for (sp = stamp; *sp; sp++) {
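Review bot: the new length check at the top of the hunk returns SRS_ETIMESTAMPOUTOFDATE for a stamp that is simply the wrong length, which conflates a malformed stamp with an expired one; if the library has a distinct syntax or format error code, that would be the more precise result here and would make the rejection easier to tell apart in logs. Also, the comment `/* We had better go around this loop exactly twice! */` is now stale, since `strlen(stamp) != 2` guarantees the loop body runs exactly twice; consider rewording it to say that the length was already validated above, and noting there that the check exists to bound the work done on attacker-supplied addresses (the over-long time stamp tag from the commit message). Placing the check before `then = 0` and the loop is the right spot, since it rejects the input before any per-character decoding happens.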

1 comment on commit 4733fb1


@carnil carnil commented on 4733fb1 Dec 20, 2020


The issue fixed by this commit has been assigned CVE-2020-35573 by MITRE.
