projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Prevent oracle attacks in the legacy protocol (CVE-2018-16737, CVE-2018-16738)
[tinc]
/
src
/
net_packet.c
diff --git
a/src/net_packet.c
b/src/net_packet.c
index
5d70481
..
a516b4a
100644
(file)
--- a/
src/net_packet.c
+++ b/
src/net_packet.c
@@
-461,10
+461,11
@@
static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
inpkt = outpkt;
- if
(origlen > MTU / 64 + 20)
+ if
(origlen > MTU / 64 + 20) {
origlen -= MTU / 64 + 20;
- else
+ } else {
origlen = 0;
+ }
}
if(inpkt->len > n->maxrecentlen) {