From 7836725abdfa6c30d02b9280526d5373e4466e69 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Mon, 2 Apr 2012 02:37:09 +0200 Subject: Critical fix of a bug allowing DoS by sending invalid handshakes --- src/handshake.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/handshake.c b/src/handshake.c index 2359af4..06adef8 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -128,8 +128,10 @@ void fastd_handshake_handle(fastd_context *ctx, fastd_peer *peer, fastd_buffer b if (ptr+4+len > (uint8_t*)buffer.data + buffer.len) break; - handshake.records[type].length = len; - handshake.records[type].data = ptr+4; + if (type < RECORD_MAX) { + handshake.records[type].length = len; + handshake.records[type].data = ptr+4; + } ptr += 4+len; } -- cgit v1.2.3