CWE-400: Uncontrolled Resource Consumption for sftp #1017
Signed-off-by: Loganaden Velvindron <logan@cyberstorm.mu>
|
Can one of the admins verify this patch? |
|
Can we treat this as a bug report and fix it another way? Or would you fill out a contributor agreement? The issue is I'm removing the functions this modifies. I have another spot something like this can be added. |
|
@ejohnstown sure. I can fill in the CLA. |
|
I'll need you to send an email to support@wolfssl.com. Please include this PR number and your GitHub username. Say that you need a contributor agreement. They will set you up. Note, this code won't apply any more after one of my PRs is merged. Would you mind porting this over when mine is merged? |
|
Sure. I've sent the request for CLA. |
|
CLA signed. |
|
@ejohnstown can I push now?
Hi @loganaden, you are welcome to push code all you want. The CLA will be reviewed internally and once approved we will let you know. But don't let it stop you from pushing changes to your PRs or opening new ones. Thank you.
Enforce a per-session cap on open SFTP file handles before accepting additional retained handles. When the cap is reached, the server must reject the new handle and must not retain the newly opened file descriptor.
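
The cap described above, as an added C example; it is not the PR's patch and not the project's code. The names `sftp_session`, `session_retain` and `session_release` and the cap value of 4 are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#define SFTP_MAX_HANDLES 4              /* assumed cap; size it per deployment */

struct sftp_session {                   /* hypothetical per-session state */
    int fds[SFTP_MAX_HANDLES];          /* -1 marks a free slot */
};

void session_init(struct sftp_session *s)
{
    for (int i = 0; i < SFTP_MAX_HANDLES; i++)
        s->fds[i] = -1;
}

/* Takes ownership of fd. Stores it and returns a handle id, or, when every
 * slot is in use, closes it and returns -1 with errno set to EMFILE. */
int session_retain(struct sftp_session *s, int fd)
{
    if (fd < 0) { errno = EBADF; return -1; }
    for (int i = 0; i < SFTP_MAX_HANDLES; i++) {
        if (s->fds[i] == -1) {
            s->fds[i] = fd;
            return i;
        }
    }
    close(fd);                          /* rejected: the descriptor must not leak */
    errno = EMFILE;
    return -1;
}

/* Closes the descriptor behind a handle id and frees its slot. */
int session_release(struct sftp_session *s, int id)
{
    if (id < 0 || id >= SFTP_MAX_HANDLES || s->fds[id] == -1) { errno = EBADF; return -1; }
    close(s->fds[id]);
    s->fds[id] = -1;
    return 0;
}

int main(void)
{
    struct sftp_session s;
    session_init(&s);
    for (int i = 0; i < SFTP_MAX_HANDLES + 2; i++)   /* last two are rejected */
        printf("open %d -> handle %d\n", i, session_retain(&s, open("/dev/null", O_RDONLY)));
}
```

Because `session_retain` owns the descriptor on both paths, a caller that opens the file before checking the cap cannot leave an untracked descriptor behind when the request is rejected.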