Discard a packet that exceeds the receive buffer

author Martin Willi <martin@revosec.ch>

Wed, 11 Aug 2010 08:51:40 +0000 (10:51 +0200)

committer Martin Willi <martin@revosec.ch>

Wed, 11 Aug 2010 08:52:59 +0000 (10:52 +0200)
author Martin Willi <martin@revosec.ch>
Wed, 11 Aug 2010 08:51:40 +0000 (10:51 +0200)
committer Martin Willi <martin@revosec.ch>
Wed, 11 Aug 2010 08:52:59 +0000 (10:52 +0200)
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c

index c88206eeb697871598d48dcd102afeb353e99811..4eeffff25bc8716dc27d084bc7d336a6d8b067e7 100644 (file)
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -212,6 +212,11 @@ METHOD(socket_t, receiver, status_t,
                         DBG1(DBG_NET, "error reading socket: %s", strerror(errno));
                         return FAILED;
                 }
+               if (msg.msg_flags & MSG_TRUNC)
+               {
+                       DBG1(DBG_NET, "receive buffer too small, packet discarded");
+                       return FAILED;
+               }
                 DBG3(DBG_NET, "received packet %b", buffer, bytes_read);
  
                 if (bytes_read < MARKER_LEN)
diff --git a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c

index 42921d6d9f5590c80a48483521e25bf825f9698f..35fbb3afd75f91ea2dbc52b8b233004bb143d0b7 100644 (file)
--- a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c
+++ b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c
@@ -229,6 +229,11 @@ static packet_t *receive_packet(private_socket_dynamic_socket_t *this,
                 DBG1(DBG_NET, "error reading socket: %s", strerror(errno));
                 return NULL;
         }
+       if (msg.msg_flags & MSG_TRUNC)
+       {
+               DBG1(DBG_NET, "receive buffer too small, packet discarded");
+               return NULL;
+       }
         DBG3(DBG_NET, "received packet %b", buffer, len);
  
         if (len < MARKER_LEN)
diff --git a/src/libcharon/plugins/socket_raw/socket_raw_socket.c b/src/libcharon/plugins/socket_raw/socket_raw_socket.c

index 604a9d977a5e0521dab0103f0ea5fa63211b7e16..6cbab846b3d3f56eacf3bf6b38d028e76fd198f8 100644 (file)
--- a/src/libcharon/plugins/socket_raw/socket_raw_socket.c
+++ b/src/libcharon/plugins/socket_raw/socket_raw_socket.c
@@ -172,6 +172,11 @@ METHOD(socket_t, receiver, status_t,
                         DBG1(DBG_NET, "error reading from IPv4 socket: %s", strerror(errno));
                         return FAILED;
                 }
+               if (bytes_read == this->max_packet)
+               {
+                       DBG1(DBG_NET, "receive buffer too small, packet discarded");
+                       return FAILED;
+               }
                 DBG3(DBG_NET, "received IPv4 packet %b", buffer, bytes_read);
  
                 /* read source/dest from raw IP/UDP header */
author	Martin Willi <martin@revosec.ch>
	Wed, 11 Aug 2010 08:51:40 +0000 (10:51 +0200)
committer	Martin Willi <martin@revosec.ch>
	Wed, 11 Aug 2010 08:52:59 +0000 (10:52 +0200)
src/libcharon/plugins/socket_default/socket_default_socket.c		patch \| blob \| blame \| history
src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c		patch \| blob \| blame \| history
src/libcharon/plugins/socket_raw/socket_raw_socket.c		patch \| blob \| blame \| history