StarMirror/toxcore
1
0
Fork 0
mirror of https://github.com/irungentoo/toxcore.git synced 2024-03-22 13:30:51 +08:00
Code Issues Projects Releases Wiki Activity

Fix bug where friendreq_handlepacket did not do bounds checking

Browse Source
This commit is contained in:
Nick ODell 2013-08-05 14:54:53 -06:00
parent 9364db9eff
commit 84607c8937
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/friend_requests.c
View File

@ -104,7 +104,7 @@ static int request_recieved(uint8_t * client_id)
int friendreq_handlepacket(uint8_t * packet, uint32_t length, IP_Port source) int friendreq_handlepacket(uint8_t * packet, uint32_t length, IP_Port source)
{ {
if (packet[0] == 32) { if (packet[0] == 32) {
if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING ||
length > MAX_DATA_SIZE + ENCRYPTION_PADDING) length > MAX_DATA_SIZE + ENCRYPTION_PADDING)
return 1; return 1;
if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) {// check if request is for us. if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) {// check if request is for us.