projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Prevent oracle attacks in the legacy protocol (CVE-2018-16737, CVE-2018-16738)
[tinc] / src / net_packet.c
diff --git a/src/net_packet.c b/src/net_packet.c
index 5d70481..a516b4a 100644 (file)
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -461,10 +461,11 @@ static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
 
                inpkt = outpkt;
 
-               if (origlen > MTU / 64 + 20)
+               if(origlen > MTU / 64 + 20) {
                        origlen -= MTU / 64 + 20;
-               else
+               } else {
                        origlen = 0;
+               }
        }
 
        if(inpkt->len > n->maxrecentlen) {
tinc, the VPN daemon