prevent endless loop with oversize attributes

1 files changed, 16 insertions, 5 deletions

diff --git a/src/libimcv/imv/imv_agent.c b/src/libimcv/imv/imv_agent.c
index 2f1c2d3d7..68bde26e0 100644
--- a/src/libimcv/imv/imv_agent.c
+++ b/src/libimcv/imv/imv_agent.c
@@ -407,7 +407,7 @@ METHOD(imv_agent_t, create_state, TNC_Result,
 				  "%slong %sexcl %ssoh", this->id, this->name,
 				  tnccs_p ? tnccs_p:"?", tnccs_v ? tnccs_v:"?", conn_id,
 			      has_long ? "+":"-", has_excl ? "+":"-", has_soh ? "+":"-");
-	DBG2(DBG_IMV, "  over %s %s with maximum PA-TNC msg size of %u bytes",
+	DBG2(DBG_IMV, "  over %s %s with maximum PA-TNC message size of %u bytes",
 				  t_p ? t_p:"?", t_v ? t_v :"?", max_msg_len);
 
 	free(tnccs_p);
@@ -507,6 +507,7 @@ METHOD(imv_agent_t, send_message, TNC_Result,
 	pa_tnc_msg_t *pa_tnc_msg;
 	chunk_t msg;
 	enumerator_t *enumerator;
+	bool attr_added;
 
 	state = find_connection(this, connection_id);
 	if (!state)
@@ -516,17 +517,27 @@ METHOD(imv_agent_t, send_message, TNC_Result,
 		return TNC_RESULT_FATAL;
 	}
 
-	pa_tnc_msg = pa_tnc_msg_create(this->max_msg_len);
 	while (attr_list->get_count(attr_list))
 	{
 		pa_tnc_msg = pa_tnc_msg_create(this->max_msg_len);
+		attr_added = FALSE;
 
 		enumerator = attr_list->create_enumerator(attr_list);
 		while (enumerator->enumerate(enumerator, &attr))
-		{
-			if (!pa_tnc_msg->add_attribute(pa_tnc_msg, attr))
+			if (pa_tnc_msg->add_attribute(pa_tnc_msg, attr))
+			{
+				attr_added = TRUE;
+			}
+			else
 			{
-				break;
+				if (attr_added)
+				{
+					break;
+				}
+				else
+				{
+					DBG1(DBG_IMV, "PA-TNC attribute too large to send, deleted");
+				}
 			}
 			attr_list->remove_at(attr_list, enumerator);
 		}