Check for short packets from the tun/tap device and from other tinc daemons.

diff --git a/src/net_packet.c b/src/net_packet.c
index 43b8e7c..a989b09 100644 (file)
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 

-    $Id: net_packet.c,v 1.1.2.40 2003/08/28 21:05:10 guus Exp $
+    $Id: net_packet.c,v 1.1.2.41 2003/09/23 20:59:01 guus Exp $

 */
 
 #include "system.h"
 */
 
 #include "system.h"


@@ -118,6 +118,14 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt)
 
        cp();
 
 
        cp();
 

+       /* Check packet length */
+
+       if(inpkt->len < sizeof(inpkt->seqno) + myself->maclength) {
+               ifdebug(TRAFFIC) logger(LOG_DEBUG, _("Got too short packet from %s (%s)"),
+                                       n->name, n->hostname);
+               return;
+       }
+

        /* Check the message authentication code */
 
        if(myself->digest && myself->maclength) {
        /* Check the message authentication code */
 
        if(myself->digest && myself->maclength) {


@@ -189,6 +197,9 @@ static void receive_udppacket(node_t *n, vpn_packet_t *inpkt)
                inpkt = outpkt;
        }
 
                inpkt = outpkt;
        }
 

+       if(n->connection)
+               n->connection->last_ping_time = now;
+

        receive_packet(n, inpkt);
 }
 
        receive_packet(n, inpkt);
 }
 


@@ -401,7 +412,7 @@ void handle_incoming_vpn_data(int sock)
 
        pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
 
 
        pkt.len = recvfrom(sock, (char *) &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
 

-       if(pkt.len <= 0) {
+       if(pkt.len < 0) {

                logger(LOG_ERR, _("Receiving packet failed: %s"), strerror(errno));
                return;
        }
                logger(LOG_ERR, _("Receiving packet failed: %s"), strerror(errno));
                return;
        }


@@ -418,8 +429,5 @@ void handle_incoming_vpn_data(int sock)
                return;
        }
 
                return;
        }
 

-       if(n->connection)
-               n->connection->last_ping_time = now;
-

        receive_udppacket(n, &pkt);
 }
        receive_udppacket(n, &pkt);
 }

diff --git a/src/route.c b/src/route.c
index 16d932d..ab6a453 100644 (file)
--- a/src/route.c
+++ b/src/route.c
@@ -17,7 +17,7 @@
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
     along with this program; if not, write to the Free Software
     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 

-    $Id: route.c,v 1.1.2.64 2003/08/28 21:05:11 guus Exp $
+    $Id: route.c,v 1.1.2.65 2003/09/23 20:59:01 guus Exp $

 */
 
 #include "system.h"
 */
 
 #include "system.h"


@@ -532,6 +532,11 @@ void route_outgoing(vpn_packet_t *packet)
 
        cp();
 
 
        cp();
 

+       if(packet->len < 64) {
+               ifdebug(TRAFFIC) logger(LOG_WARNING, _("Read too short packet"));
+               return;
+       }
+

        /* FIXME: multicast? */
 
        switch (routing_mode) {
        /* FIXME: multicast? */
 
        switch (routing_mode) {


@@ -578,6 +583,12 @@ void route_outgoing(vpn_packet_t *packet)
 
 void route_incoming(node_t *source, vpn_packet_t *packet)
 {
 
 void route_incoming(node_t *source, vpn_packet_t *packet)
 {

+       if(packet->len < 64) {
+               ifdebug(TRAFFIC) logger(LOG_WARNING, _("Got too short packet from %s (%s)"),
+                                       source->name, source->hostname);
+               return;
+       }
+

        switch (routing_mode) {
                case RMODE_ROUTER:
                        {
        switch (routing_mode) {
                case RMODE_ROUTER:
                        {