abduco


commit bd3dcba5488a4c6e5daee0998d40f76c9fe1f78c
parent eef3b654d96dee18bc581d754545028e292926c0
Author: Marc André Tanner <mat@brain-dump.org>
Date:   Tue, 17 Feb 2015 00:20:38 +0100

Validate packet size before sending/receiving

Diffstat:
abduco.c | 4++++
1 file changed, 4 insertions(+), 0 deletions(-)

diff --git a/abduco.c b/abduco.c
@@ -173,6 +173,8 @@ static ssize_t read_all(int fd, char *buf, size_t len) {
 static bool send_packet(int socket, Packet *pkt) {
 size_t size = packet_size(pkt);
+ if (size > sizeof(*pkt))
+ return false;
 return write_all(socket, (char *)pkt, size) == size;
 }
@@ -180,6 +182,8 @@ static bool recv_packet(int socket, Packet *pkt) {
 ssize_t len = read_all(socket, (char*)pkt, packet_header_size());
 if (len <= 0 || len != packet_header_size())
 return false;
+ if (len > sizeof(pkt->u.msg))
+ return false;
 if (pkt->len > 0) {
 len = read_all(socket, pkt->u.msg, pkt->len);
 if (len <= 0 || len != pkt->len)
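Review bot: The guard added in recv_packet tests `len`, not `pkt->len`, so the peer-supplied length field is still unchecked when it is passed to `read_all(socket, pkt->u.msg, pkt->len)` a few lines later. At that point `len` has just been confirmed equal to `packet_header_size()`, so `len > sizeof(pkt->u.msg)` compares a fixed header size and presumably never fires; a header carrying a `pkt->len` larger than the message buffer would still drive a read past `pkt->u.msg`. The check should bound the field that sizes the payload read: `if (pkt->len > sizeof(pkt->u.msg))` followed by `return false;`. The rest of recv_packet lies outside the hunk, so confirm that no later path uses `pkt->len` before this rejection.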