diff options
| author | Matthias Schiffer <mschiffer@universe-factory.net> | 2012-04-02 02:37:09 +0200 |
|---|---|---|
| committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2012-04-02 02:37:35 +0200 |
| commit | 7836725abdfa6c30d02b9280526d5373e4466e69 (patch) | |
| tree | 0d39c8f3e3a5ce308396d05aa32d451cddb940f8 | |
| parent | b56a383d4ceaaf9981d2305834d7b2003b9da48f (diff) | |
| download | fastd-0.1-rc4.tar fastd-0.1-rc4.zip | |
Critical fix of a bug allowing DoS by sending invalid handshakesv0.1-rc4
| -rw-r--r-- | src/handshake.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/handshake.c b/src/handshake.c index 2359af4..06adef8 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -128,8 +128,10 @@ void fastd_handshake_handle(fastd_context *ctx, fastd_peer *peer, fastd_buffer b if (ptr+4+len > (uint8_t*)buffer.data + buffer.len) break; - handshake.records[type].length = len; - handshake.records[type].data = ptr+4; + if (type < RECORD_MAX) { + handshake.records[type].length = len; + handshake.records[type].data = ptr+4; + } ptr += 4+len; } |