verify tag count field

orignal 2014-12-07 21:00:19 -05:00
parent 5e31d6b2bd
commit 85624e4f4b


@ -384,18 +384,24 @@ namespace garlic
i2p::tunnel::InboundTunnel * from)
{
uint16_t tagCount = be16toh (*(uint16_t *)buf);
buf += 2;
buf += 2; len -= 2;
if (tagCount > 0)
{
if (tagCount*32 > len)
{
LogPrint (eLogWarning, "Tag count ", tagCount, " exceeds length ", len);
tagCount = len/32;
}
uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
for (int i = 0; i < tagCount; i++)
m_Tags[SessionTag(buf + i*32, ts)] = decryption;
}
buf += tagCount*32;
len -= tagCount*32;
uint32_t payloadSize = be32toh (*(uint32_t *)buf);
if (payloadSize > len)
{
LogPrint ("Unexpected payload size ", payloadSize);
LogPrint (eLogError, "Unexpected payload size ", payloadSize);
return;
}
buf += 4;
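Review bot: The 4-byte `payloadSize` read after the tag loop has no length guard: once `tagCount` is clamped to `len/32`, fewer than 32 bytes remain and possibly fewer than 4, so `be32toh (*(uint32_t *)buf)` can read past the end of the message. A tag count larger than the buffer means the message is malformed, so I would reject it instead of registering session tags from whatever bytes happen to be present: replace `tagCount = len/32;` with `return;` and add `if (len < 4) return;` before the `payloadSize` read. The opening `buf += 2; len -= 2;` is also unguarded; the declaration of `len` is outside the hunk, but if it is unsigned, an input shorter than two bytes wraps it and defeats both later comparisons, so `if (len < 2) return;` belongs before the first read. The `payloadSize > len` test also runs while `len` still counts the 4-byte size field itself. The function begins before and continues past this hunk, so a length check not visible here may already cover some of this.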