The DTLS packet reassembly code has a performance problem that could result in 
a DoS attack being possible.


The DTLS packet reassembly uses the data structure defined in ssl/pqueue.c for 
the purpose (it is the only user of this data structure that I can find).  This 
source file implements a priority queue using a singly linked list.  This means 
O(n^2) worst case complexity, where n is the number of fragments.  A better, 
and in fact optimal, solution would be to use a heap for the purpose giving O(n 
log n) worst case complexity.  Doing this would prevent a potential DoS attack.


The attack would consist of fragmenting the DTLS stream into as many small 
packets as possible and sending them in sequential order.  Each fragment will 
require a complete traversal of the list to be added.  Continue sending these 
as long as the DoS is wanted.  For reference, changing the list search method 
or ordering won't prevent such an attack; it just means a different packet 
ordering is required.


Tim Hudson suggested I submit this even though I haven't been able to find time 
to craft a patch.


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4558
Please log in as guest with password guest if prompted

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
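The cost difference the report describes, as an added example that is neither the poster's code nor OpenSSL's pqueue.c: a simplified model in which a fragment is reduced to a 64-bit priority (standing in for the sequence number / fragment offset the reassembly keys on), queued once into a sorted singly linked list and once into a binary min-heap. Every insert returns the number of elements it examined, so the effect of an attacker-chosen fragment order can be measured rather than argued from big-O. The helper names (`list_cost`, `heap_cost`, `frag_order`) and the sample size of 1000 fragments are assumptions of this example. Ascending order is the order the message describes; descending order is included to show why reordering the list only moves the problem, while the heap's worst case stays logarithmic per insert.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example, not OpenSSL code: a simplified model of the two data
 * structures.  A "fragment" is just its 64-bit priority (assumption:
 * this stands in for the sequence number / fragment offset). */

/* --- priority queue as a sorted singly linked list --- */
typedef struct lnode { uint64_t prio; struct lnode *next; } lnode;
typedef struct { lnode *head; } list_pq;

/* Insert keeping ascending priority order; returns nodes examined. */
static size_t list_insert(list_pq *q, uint64_t prio)
{
    lnode *n = malloc(sizeof *n);
    lnode **pp = &q->head;
    size_t steps = 0;

    if (n == NULL)
        abort();
    n->prio = prio;
    /* Walk to the first node whose priority is >= prio. */
    while (*pp != NULL && (*pp)->prio < prio) {
        pp = &(*pp)->next;
        steps++;
    }
    n->next = *pp;
    *pp = n;
    return steps;
}

static void list_free(list_pq *q)
{
    while (q->head != NULL) {
        lnode *n = q->head;
        q->head = n->next;
        free(n);
    }
}

/* --- priority queue as an array-backed binary min-heap --- */
typedef struct { uint64_t *a; size_t len, cap; } heap_pq;

/* Append and sift up; returns parent comparisons performed. */
static size_t heap_insert(heap_pq *h, uint64_t prio)
{
    size_t i, steps = 0;

    if (h->len == h->cap) {
        size_t ncap = h->cap ? 2 * h->cap : 16;
        uint64_t *na = realloc(h->a, ncap * sizeof *na);
        if (na == NULL)
            abort();
        h->a = na;
        h->cap = ncap;
    }
    i = h->len++;
    /* Pull larger parents down until prio can sit at i. */
    while (i > 0) {
        size_t parent = (i - 1) / 2;
        steps++;
        if (h->a[parent] <= prio)
            break;
        h->a[i] = h->a[parent];
        i = parent;
    }
    h->a[i] = prio;
    return steps;
}

static void heap_free(heap_pq *h) { free(h->a); h->a = NULL; h->len = h->cap = 0; }

/* Fragment orders an attacker can choose between (constructed input). */
typedef enum { ORDER_ASCENDING, ORDER_DESCENDING } frag_order;

static uint64_t nth_prio(size_t i, size_t n, frag_order order)
{
    return order == ORDER_ASCENDING ? (uint64_t)i : (uint64_t)(n - 1 - i);
}

/* Total work to queue n fragments in the given order, per structure. */
size_t list_cost(size_t n, frag_order order)
{
    list_pq q = { NULL };
    size_t i, total = 0;
    for (i = 0; i < n; i++)
        total += list_insert(&q, nth_prio(i, n, order));
    list_free(&q);
    return total;
}

size_t heap_cost(size_t n, frag_order order)
{
    heap_pq h = { NULL, 0, 0 };
    size_t i, total = 0;
    for (i = 0; i < n; i++)
        total += heap_insert(&h, nth_prio(i, n, order));
    heap_free(&h);
    return total;
}

int main(void)
{
    size_t n = 1000;
    printf("list, ascending:  %zu steps\n", list_cost(n, ORDER_ASCENDING));
    printf("list, descending: %zu steps\n", list_cost(n, ORDER_DESCENDING));
    printf("heap, ascending:  %zu steps\n", heap_cost(n, ORDER_ASCENDING));
    printf("heap, descending: %zu steps\n", heap_cost(n, ORDER_DESCENDING));
    return 0;
}
```

With 1000 fragments sent in ascending order the list walks n(n-1)/2 = 499500 nodes, while the heap needs one comparison per insert. Reversing the sort (equivalently, the attacker sending descending order) makes the list O(1) per insert, which is exactly why changing the search direction does not fix anything: the attacker simply sends the other order. The heap's worst case is the descending order, and even there it performs about log2(n) comparisons per insert (7987 in total here), so no fragment order forces quadratic work.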
