don't read length field if there might not be a length field

author Alan T. DeKok <aland@freeradius.org>

Wed, 24 Jul 2024 15:18:01 +0000 (08:18 -0700)

committer Alan T. DeKok <aland@freeradius.org>

Wed, 24 Jul 2024 15:18:01 +0000 (08:18 -0700)
author Alan T. DeKok <aland@freeradius.org>
Wed, 24 Jul 2024 15:18:01 +0000 (08:18 -0700)
committer Alan T. DeKok <aland@freeradius.org>
Wed, 24 Jul 2024 15:18:01 +0000 (08:18 -0700)
diff --git a/src/main/tls_listen.c b/src/main/tls_listen.c

index 63a50e9c59291857c6198b1767a5dda7fc6ab64b..3b3b4088794a80e2b06506e90e12c7070b8c374d 100644 (file)
--- a/src/main/tls_listen.c
+++ b/src/main/tls_listen.c
@@ -665,8 +665,13 @@ read_application_data:
          *      If the packet is a complete RADIUS packet, return it to
          *      the caller.  Otherwise...
          */
-       if ((sock->ssn->clean_out.used < 20) ||
-           ((int) sock->ssn->clean_out.used) < ((sock->ssn->clean_out.data[2] << 8) | sock->ssn->clean_out.data[3])) {
+       if (sock->ssn->clean_out.used < 20) {
+               RDEBUG3("(TLS) Received partial packet (have %zu, want >=20), waiting for more.",
+                       sock->ssn->clean_out.used);
+               return 0;
+       }
+
+       if (((int) sock->ssn->clean_out.used) < ((sock->ssn->clean_out.data[2] << 8) | sock->ssn->clean_out.data[3])) {
                 RDEBUG3("(TLS) Received partial packet (have %zu, want %u), waiting for more.",
                         sock->ssn->clean_out.used, (sock->ssn->clean_out.data[2] << 8) | sock->ssn->clean_out.data[3]);
                 return 0;
author	Alan T. DeKok <aland@freeradius.org>
	Wed, 24 Jul 2024 15:18:01 +0000 (08:18 -0700)
committer	Alan T. DeKok <aland@freeradius.org>
	Wed, 24 Jul 2024 15:18:01 +0000 (08:18 -0700)