From 70219213d3e9404a95844f567d6d6b44753d8dad Mon Sep 17 00:00:00 2001 From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org" Date: Wed, 23 Jan 2008 11:38:30 +0000 Subject: Max Kellermann : check if the received packet is large enough Minor changes by the committer --- ChangeLog | 1 + src/sync-mode.c | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/ChangeLog b/ChangeLog index 8205ec5..2f6c762 100644 --- a/ChangeLog +++ b/ChangeLog @@ -93,6 +93,7 @@ o remove init_alarm() before add_alarm() o fix error checking of local_create_server() o added struct local_server, several cleanups in local socket infrastructure o remove unused prototypes in network.h +o check if the received packet is large enough version 0.9.5 (2007/07/29) ------------------------------ diff --git a/src/sync-mode.c b/src/sync-mode.c index 4f7833c..f726272 100644 --- a/src/sync-mode.c +++ b/src/sync-mode.c @@ -99,6 +99,11 @@ static void mcast_handler(void) while (remain > 0) { struct nethdr *net = (struct nethdr *) ptr; + if (remain < NETHDR_SIZ) { + STATE(malformed)++; + break; + } + if (ntohs(net->len) > remain) { dlog(LOG_ERR, "fragmented messages"); break; -- cgit v1.2.3