mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Merge pull request #347 from nickodell/master
Fix bug where handle_NATping wouldn't perform bounds checking
This commit is contained in:
commit
8618662e29
|
@ -1108,7 +1108,7 @@ static int send_NATping(uint8_t * public_key, uint64_t ping_id, uint8_t type)
|
||||||
static int handle_NATping(uint8_t * packet, uint32_t length, IP_Port source)
|
static int handle_NATping(uint8_t * packet, uint32_t length, IP_Port source)
|
||||||
{
|
{
|
||||||
if (length < crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + ENCRYPTION_PADDING
|
if (length < crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + ENCRYPTION_PADDING
|
||||||
&& length > MAX_DATA_SIZE + ENCRYPTION_PADDING)
|
|| length > MAX_DATA_SIZE + ENCRYPTION_PADDING)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
/* check if request is for us. */
|
/* check if request is for us. */
|
||||||
|
|
|
@ -104,7 +104,7 @@ static int request_recieved(uint8_t * client_id)
|
||||||
int friendreq_handlepacket(uint8_t * packet, uint32_t length, IP_Port source)
|
int friendreq_handlepacket(uint8_t * packet, uint32_t length, IP_Port source)
|
||||||
{
|
{
|
||||||
if (packet[0] == 32) {
|
if (packet[0] == 32) {
|
||||||
if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING &&
|
if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING ||
|
||||||
length > MAX_DATA_SIZE + ENCRYPTION_PADDING)
|
length > MAX_DATA_SIZE + ENCRYPTION_PADDING)
|
||||||
return 1;
|
return 1;
|
||||||
if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) {// check if request is for us.
|
if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) {// check if request is for us.
|
||||||
|
|
Loading…
Reference in New Issue
Block a user