Prevent oracle attacks in the legacy protocol (CVE-2018-16737, CVE-2018-16738)
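--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -167,7 +167,6 @@ static void udp_probe_h(node_t *n, vpn_packet_t *packet, length_t len) {
 packet used. */
 if(!n->status.udp_confirmed) {
 n->status.udp_confirmed = true;
- fprintf(stderr, "Updating address cache...\n");
 if(!n->address_cache) {
 n->address_cache = open_address_cache(n);
@@ -462,7 +461,11 @@ static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
 inpkt = outpkt;
- origlen -= MTU / 64 + 20;
+ if(origlen > MTU / 64 + 20) {
+ origlen -= MTU / 64 + 20;
+ } else {
+ origlen = 0;
+ }
 }
 if(inpkt->len > n->maxrecentlen) {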
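Review bot: The new clamp on `origlen` in receive_udppacket carries no comment saying why it exists, and the allowance `MTU / 64 + 20` is now written out twice, so a later edit could change one copy and leave the test and the subtraction out of step. I would add `/* Packet may be shorter than the compression allowance; clamp so origlen cannot wrap around. */` above the `if` and name the allowance once, so the comparison and the subtraction share one definition. The declaration of `origlen` and its later uses are outside the hunk, so the wrap-around reading assumes an unsigned type, and whether a value of 0 is handled sensibly downstream cannot be confirmed from here. receive_udppacket starts and ends outside the hunk.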