mirror of
https://github.com/FreeRTOS/FreeRTOS-Kernel.git
synced 2025-10-17 02:07:48 -04:00
Issue: There is a possible vulnerability of Denial of Service attack by keeping the UDP socket for the SNTP client task always open in the coreSNTP demo. The Denial of Service attack can occur from receiving multiple server responses (duplicated or malicious) for a single SNTP time request sent by the client, thereby filling the socket network buffer with response packets that affect future time requests. Solution: This PR fixes this vulnerability by updating the demo to keep a UDP socket open only for the time period of waiting for a server response, closing the socket on either receiving a server response or experiencing a server timeout, and re-creating a UDP socket for the next polling try. This PR also adds another security functionality using a random port for the UDP socket to protect against spoofing attacks from "off-network path" attackers. |
||
---|---|---|
.. | ||
Demo | ||
Source | ||
Test | ||
ThirdParty | ||
readme.txt |
Directories:

+ The FreeRTOS-Plus/Source directory contains source code for some of the FreeRTOS+ components. These subdirectories contain further readme files and links to documentation.

+ The FreeRTOS-Plus/Demo directory contains a demo application for most of the FreeRTOS+ components. Many of the demo applications use the FreeRTOS Windows simulator for easy evaluation. Be aware that FreeRTOS is much slower and not deterministic when executed in a simulated environment.

+ See http://www.freertos.org/plus