webrtc-rs / dtls

A pure Rust implementation of DTLS
https://webrtc.rs
Apache License 2.0

Backport buffer limit fix from Pion #17

Closed k0nserv closed 2 years ago

k0nserv commented 2 years ago

This commit fixes a security issue that was discovered and fixed in Pion by limiting the max size of the fragment buffer. Without it, an attacker could cause unbounded memory growth.

Security advisory: https://github.com/pion/dtls/security/advisories/GHSA-cx94-mrg9-rq4j

This was fixed in https://github.com/pion/dtls/pull/461 in Pion
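As an added illustration of the kind of limit this backport describes (example code written for this page, not the project's or Pion's implementation; the cap value, the type names and the error variant are assumptions), a minimal handshake fragment buffer that keeps a running byte count and refuses any fragment that would push it past the cap, instead of growing without bound:

```rust
use std::collections::HashMap;

/// Cap on payload bytes held across all pending fragments (constructed value,
/// not necessarily the limit the backport chose).
pub const MAX_BUFFERED_BYTES: usize = 1024 * 1024;

#[derive(Debug, PartialEq)]
pub enum FragmentError {
    /// Storing the fragment would exceed MAX_BUFFERED_BYTES; nothing is stored.
    Overflow { buffered: usize, incoming: usize },
}

/// Minimal stand-in for a DTLS handshake fragment: message_seq groups the
/// fragments of one handshake message, body is the fragment payload.
#[derive(Debug, Clone)]
pub struct Fragment {
    pub message_seq: u16,
    pub offset: usize,
    pub body: Vec<u8>,
}

#[derive(Default)]
pub struct FragmentBuffer {
    cache: HashMap<u16, Vec<Fragment>>,
    /// Running total of payload bytes in `cache`, so the check is O(1).
    buffered: usize,
}

impl FragmentBuffer {
    pub fn buffered_bytes(&self) -> usize { self.buffered }

    /// Accept a fragment only while the cumulative size stays under the cap.
    /// Without this check a peer sending fragments of messages that never
    /// complete could grow the buffer without bound.
    pub fn push(&mut self, frag: Fragment) -> Result<(), FragmentError> {
        let incoming = frag.body.len();
        if self.buffered.saturating_add(incoming) > MAX_BUFFERED_BYTES {
            return Err(FragmentError::Overflow { buffered: self.buffered, incoming });
        }
        self.buffered += incoming;
        self.cache.entry(frag.message_seq).or_default().push(frag);
        Ok(())
    }

    /// Remove a message's fragments once reassembled, releasing their bytes.
    pub fn pop(&mut self, message_seq: u16) -> Option<Vec<Fragment>> {
        let frags = self.cache.remove(&message_seq)?;
        self.buffered -= frags.iter().map(|f| f.body.len()).sum::<usize>();
        Some(frags)
    }
}
```

A caller that receives `Overflow` should treat the handshake as failed rather than retrying, since the peer has already exceeded what the buffer is willing to hold.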

codecov[bot] commented 2 years ago

Codecov Report

Merging #17 (773cbf0) into main (009d5a2) will decrease coverage by 0.00%. The diff coverage is 58.33%.

@@            Coverage Diff             @@
##             main      #17      +/-   ##
==========================================
- Coverage   62.44%   62.43%   -0.01%     
==========================================
  Files          75       75              
  Lines        5517     5529      +12     
  Branches     1043     1046       +3     
==========================================
+ Hits         3445     3452       +7     
- Misses       1268     1271       +3     
- Partials      804      806       +2     
Impacted Files                                Coverage Δ
src/error.rs                                   9.52% <0.00%>  (-0.48%) ↓
src/fragment_buffer/fragment_buffer_test.rs   75.47% <70.00%> (-1.28%) ↓
