mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd synced 2024-11-13 01:20:22 +03:00
Code Issues Packages Projects Releases Wiki Activity

check for buffer overflow

Browse Source
This commit is contained in:
orignal 2014-08-27 10:02:23 -04:00
parent b3e389a67c
commit 8c87a0fc38
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
NTCPSession.cpp
View File

@ -30,6 +30,8 @@ namespace ntcp
NTCPSession::~NTCPSession () NTCPSession::~NTCPSession ()
{ {
delete m_DHKeysPair; delete m_DHKeysPair;
if (m_NextMessage)
i2p::DeleteI2NPMessage (m_NextMessage);
} }
void NTCPSession::CreateAESKey (uint8_t * pubKey, uint8_t * aesKey) void NTCPSession::CreateAESKey (uint8_t * pubKey, uint8_t * aesKey)
@ -436,6 +438,14 @@ namespace ntcp
if (dataSize) if (dataSize)
{ {
// new message // new message
if (dataSize > NTCP_MAX_MESSAGE_SIZE)
{
LogPrint ("NTCP data size ", dataSize, " exceeds max size");
i2p::DeleteI2NPMessage (m_NextMessage);
m_NextMessage = nullptr;
Terminate ();
return;
}
m_NextMessageOffset += 16; m_NextMessageOffset += 16;
m_NextMessage->offset = 2; // size field m_NextMessage->offset = 2; // size field
m_NextMessage->len = dataSize + 2; m_NextMessage->len = dataSize + 2;