check I2NP messsage buffer size

orignal 2017-12-01 12:57:05 -05:00
parent a1e820182c
commit df18692af9
5 changed files with 76 additions and 16 deletions


@ -546,18 +546,40 @@ namespace i2p
return msg;
}
size_t GetI2NPMessageLength (const uint8_t * msg)
size_t GetI2NPMessageLength (const uint8_t * msg, size_t len)
{
return bufbe16toh (msg + I2NP_HEADER_SIZE_OFFSET) + I2NP_HEADER_SIZE;
if (len < I2NP_HEADER_SIZE_OFFSET + 2)
{
LogPrint (eLogError, "I2NP: message length ", len, " is smaller than header");
return len;
}
auto l = bufbe16toh (msg + I2NP_HEADER_SIZE_OFFSET) + I2NP_HEADER_SIZE;
if (l > len)
{
LogPrint (eLogError, "I2NP: message length ", l, " exceeds buffer length ", len);
l = len;
}
return l;
}
void HandleI2NPMessage (uint8_t * msg, size_t len)
{
if (len < I2NP_HEADER_SIZE)
{
LogPrint (eLogError, "I2NP: message length ", len, " is smaller than header");
return;
}
uint8_t typeID = msg[I2NP_HEADER_TYPEID_OFFSET];
uint32_t msgID = bufbe32toh (msg + I2NP_HEADER_MSGID_OFFSET);
LogPrint (eLogDebug, "I2NP: msg received len=", len,", type=", (int)typeID, ", msgID=", (unsigned int)msgID);
uint8_t * buf = msg + I2NP_HEADER_SIZE;
int size = bufbe16toh (msg + I2NP_HEADER_SIZE_OFFSET);
auto size = bufbe16toh (msg + I2NP_HEADER_SIZE_OFFSET);
len -= I2NP_HEADER_SIZE;
if (size > len)
{
LogPrint (eLogError, "I2NP: payload size ", size, " exceeds buffer length ", len);
size = len;
}
switch (typeID)
{
case eI2NPVariableTunnelBuild:
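Review bot: In HandleI2NPMessage the new `if (size > len)` branch logs the mismatch, sets `size = len;` and then falls into the `switch`, so a message whose header declares more payload than was actually received is still dispatched to a handler as a truncated payload rather than dropped. Unless every handler re-validates its own internal offsets against `size`, rejecting the message is the safer choice: replace `size = len;` with `return;`. The same clamp-and-continue pattern is in GetI2NPMessageLength, which also returns `len` for a buffer shorter than the header, so a caller cannot tell a malformed message from a valid one; a comment such as `// returns len (not a parsed length) when the buffer is too short or the header overstates the size` would at least document that contract. The `switch` body and the handlers it calls lie outside this hunk, so whether they bound-check the payload themselves is not visible here.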