diff options
| author | Martin Willi <martin@revosec.ch> | 2010-08-11 10:51:40 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2010-08-11 10:52:59 +0200 |
| commit | aea735ef63b809d5c50e058f164cea362fe3893c (patch) | |
| tree | 04d4afb944dd610207fb6e6ed1694646258d4238 /src | |
| parent | 10a2e09b55dba63e0dfe3023e7dc85751b0f2ee6 (diff) | |
| download | strongswan-aea735ef63b809d5c50e058f164cea362fe3893c.tar.bz2 strongswan-aea735ef63b809d5c50e058f164cea362fe3893c.tar.xz | |
Discard a packet that exceeds the receive buffer
Diffstat (limited to 'src')
3 files changed, 15 insertions, 0 deletions
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c index c88206eeb..4eeffff25 100644 --- a/src/libcharon/plugins/socket_default/socket_default_socket.c +++ b/src/libcharon/plugins/socket_default/socket_default_socket.c @@ -212,6 +212,11 @@ METHOD(socket_t, receiver, status_t, DBG1(DBG_NET, "error reading socket: %s", strerror(errno)); return FAILED; } + if (msg.msg_flags & MSG_TRUNC) + { + DBG1(DBG_NET, "receive buffer too small, packet discarded"); + return FAILED; + } DBG3(DBG_NET, "received packet %b", buffer, bytes_read); if (bytes_read < MARKER_LEN) diff --git a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c index 42921d6d9..35fbb3afd 100644 --- a/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c +++ b/src/libcharon/plugins/socket_dynamic/socket_dynamic_socket.c @@ -229,6 +229,11 @@ static packet_t *receive_packet(private_socket_dynamic_socket_t *this, DBG1(DBG_NET, "error reading socket: %s", strerror(errno)); return NULL; } + if (msg.msg_flags & MSG_TRUNC) + { + DBG1(DBG_NET, "receive buffer too small, packet discarded"); + return NULL; + } DBG3(DBG_NET, "received packet %b", buffer, len); if (len < MARKER_LEN) diff --git a/src/libcharon/plugins/socket_raw/socket_raw_socket.c b/src/libcharon/plugins/socket_raw/socket_raw_socket.c index 604a9d977..6cbab846b 100644 --- a/src/libcharon/plugins/socket_raw/socket_raw_socket.c +++ b/src/libcharon/plugins/socket_raw/socket_raw_socket.c @@ -172,6 +172,11 @@ METHOD(socket_t, receiver, status_t, DBG1(DBG_NET, "error reading from IPv4 socket: %s", strerror(errno)); return FAILED; } + if (bytes_read == this->max_packet) + { + DBG1(DBG_NET, "receive buffer too small, packet discarded"); + return FAILED; + } DBG3(DBG_NET, "received IPv4 packet %b", buffer, bytes_read); /* read source/dest from raw IP/UDP header */ |