From 288d956728ab4d4aabe9bc59b87991420dbda151 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Tue, 23 Sep 2003 20:59:01 +0000 Subject: [PATCH] Check for short packets from the tun/tap device and from other tinc daemons. --- src/net_packet.c | 18 +++++++++++++----- src/route.c | 13 ++++++++++++- 2 files changed, 25 insertions(+), 6 deletions(-) diff --git a/src/net_packet.c b/src/net_packet.c index 43b8e7cd..a989b09f 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net_packet.c,v 1.1.2.40 2003/08/28 21:05:10 guus Exp $ + $Id: net_packet.c,v 1.1.2.41 2003/09/23 20:59:01 guus Exp $ */ #include "system.h" @@ -118,6 +118,14 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) cp(); + /* Check packet length */ + + if(inpkt->len < sizeof(inpkt->seqno) + myself->maclength) { + ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Got too short packet from %s (%s)"), + n->name, n->hostname); + return; + } + /* Check the message authentication code */ if(myself->digest && myself->maclength) { @@ -189,6 +197,9 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt) inpkt = outpkt; } + if(n->connection) + n->connection->last_ping_time = now; + receive_packet(n, inpkt); } @@ -401,7 +412,7 @@ void handle_incoming_vpn_data(int sock) pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen); - if(pkt.len <= 0) { + if(pkt.len < 0) { logger(LOG_ERR, _("Receiving packet failed: %s"), strerror(errno)); return; } @@ -418,8 +429,5 @@ void handle_incoming_vpn_data(int sock) return; } - if(n->connection) - n->connection->last_ping_time = now; - receive_udppacket(n, &pkt); } diff --git a/src/route.c b/src/route.c index 16d932d3..ab6a4534 100644 --- a/src/route.c +++ b/src/route.c 
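Review bot: In the new length check at the top of receive_udppacket, `inpkt->len` is compared against a `sizeof` expression, so the comparison is done in an unsigned type and a negative `len` would convert to a large value and pass. The `pkt.len < 0` test in handle_incoming_vpn_data suggests `len` is signed, but its declaration is outside this patch, so this is inferred. The visible caller filters negative lengths first, yet making the check self-contained costs little: `if(inpkt->len < 0 || (size_t)inpkt->len < sizeof(inpkt->seqno) + myself->maclength) {`. The function body continues outside the hunk.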
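Review bot: The `last_ping_time` update that now sits just before `receive_packet(n, inpkt)` in receive_udppacket has no comment explaining its placement, which is the security-relevant part of the move. A datagram dropped by an earlier check no longer refreshes the peer's liveness timestamp. I would add `/* Only packets that passed all checks above count as a sign of life from this node */` above the `if(n->connection)` line. The earlier checks lie mostly outside this hunk, so confirm that every rejection path returns before this point.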
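Review bot: Nothing at the `if(pkt.len < 0)` test in handle_incoming_vpn_data records that an empty datagram is now deliberately let through and left for the new length check in receive_udppacket to reject. A later reader could easily "fix" it back to `<= 0`. A short comment would prevent that, for example `/* A zero-length datagram is not a recvfrom() error; receive_udppacket() drops it as too short */`. The code between this hunk and the next, which handles the datagram before that check, is not visible here, so it is worth confirming it behaves sensibly for a zero-length packet.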
@@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: route.c,v 1.1.2.64 2003/08/28 21:05:11 guus Exp $ + $Id: route.c,v 1.1.2.65 2003/09/23 20:59:01 guus Exp $ */ #include "system.h" @@ -532,6 +532,11 @@ void route_outgoing(vpn_packet_t *packet) cp(); + if(packet->len < 64) { + ifdebug(TRAFFIC) logger(LOG_WARNING, _("Read too short packet")); + return; + } + /* FIXME: multicast? */ switch (routing_mode) { @@ -578,6 +583,12 @@ void route_outgoing(vpn_packet_t *packet) void route_incoming(node_t *source, vpn_packet_t *packet) { + if(packet->len < 64) { + ifdebug(TRAFFIC) logger(LOG_WARNING, _("Got too short packet from %s (%s)"), + source->name, source->hostname); + return; + } + switch (routing_mode) { case RMODE_ROUTER: {
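Review bot: The fixed threshold in `if(packet->len < 64)` in route_outgoing, and the identical one added to route_incoming in the next hunk, looks too high and would drop legitimate traffic. Frames read from a tun/tap device are normally not padded to the Ethernet minimum, so a 42-byte ARP frame or a 54-byte TCP segment without payload falls under 64. The bound should follow what the code actually dereferences, for example `if(packet->len < 14) {` for the Ethernet header here, with each protocol branch checking the header sizes it parses before reading them. Those branches are outside the hunk, so the exact sizes need to be taken from there. A named constant instead of the bare number would also make the intent visible.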