From adaedb9299c77e18150b685a96d51b1ce67ec423 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Mon, 22 Apr 2013 14:08:33 +0200
Subject: Miscellaneous fixes in ethernet address handling

Check the length of ethernet frames, and the fastd_eth_addr_t structure must be
packed.
---
 src/fastd.c  | 12 ++++++++++++
 src/fastd.h  |  2 +-
 src/packet.h |  2 +-
 src/types.h  |  2 +-
 4 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/fastd.c b/src/fastd.c
index 70bd99e..1f606c0 100644
--- a/src/fastd.c
+++ b/src/fastd.c
@@ -602,6 +602,12 @@ void fastd_send_handshake(fastd_context_t *ctx, const fastd_socket_t *sock, cons
 
 void fastd_handle_receive(fastd_context_t *ctx, fastd_peer_t *peer, fastd_buffer_t buffer) {
 	if (ctx->conf->mode == MODE_TAP) {
+		if (buffer.len < ETH_HLEN) {
+			pr_debug(ctx, "received truncated packet");
+			fastd_buffer_free(buffer);
+			return;
+		}
+
 		const fastd_eth_addr_t *src_addr = fastd_get_source_address(ctx, buffer);
 
 		if (fastd_eth_addr_is_unicast(src_addr))
@@ -841,6 +847,12 @@ static void handle_tun(fastd_context_t *ctx) {
 	fastd_peer_t *peer = NULL;
 
 	if (ctx->conf->mode == MODE_TAP) {
+		if (buffer.len < ETH_HLEN) {
+			pr_debug(ctx, "truncated packet on tap interface");
+			fastd_buffer_free(buffer);
+			return;
+		}
+
 		const fastd_eth_addr_t *dest_addr = fastd_get_dest_address(ctx, buffer);
 		if (fastd_eth_addr_is_unicast(dest_addr)) {
 			peer = fastd_peer_find_by_eth_addr(ctx, dest_addr);
diff --git a/src/fastd.h b/src/fastd.h
index 06723a8..d015484 100644
--- a/src/fastd.h
+++ b/src/fastd.h
@@ -59,7 +59,7 @@ struct fastd_buffer {
 	size_t len;
 };
 
-struct fastd_eth_addr {
+struct __attribute__((__packed__)) fastd_eth_addr {
 	uint8_t data[ETH_ALEN];
 };
 
diff --git a/src/packet.h b/src/packet.h
index d547b0e..01f77fb 100644
--- a/src/packet.h
+++ b/src/packet.h
@@ -39,7 +39,7 @@ typedef enum fastd_packet_type {
 	PACKET_DATA,
 } fastd_packet_type_t;
 
-typedef struct __attribute__ ((__packed__)) fastd_packet {
+typedef struct __attribute__((__packed__)) fastd_packet {
 	uint8_t rsv1;
 	uint16_t rsv2;
 	uint8_t tlv_data[];
diff --git a/src/types.h b/src/types.h
index 1a0b791..fec723b 100644
--- a/src/types.h
+++ b/src/types.h
@@ -25,7 +25,7 @@
 
 /*
   types.h
-  
+
   Basic enums and typedefs for common types
 */
 
-- 
cgit v1.2.3