| From 737925113363b6130879729cdff9ccc46c33eaea Mon Sep 17 00:00:00 2001 |
| From: Matthias Schiffer <mschiffer@universe-factory.net> |
| Date: Mon, 19 Oct 2020 21:08:16 +0200 |
| Subject: [PATCH] receive: fix buffer leak when receiving invalid packets |
| |
| For fastd versions before v20, this was just a memory leak (which could |
| still be used for DoS, as it's remotely triggerable). With the new |
| buffer management of fastd v20, this will trigger an assertion failure |
| instead as soon as the buffer pool is empty. |
| |
| [Retrieved from: |
| https://github.com/NeoRaider/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea] |
| Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> |
| --- |
| src/receive.c | 10 ++++++++++ |
| 1 file changed, 10 insertions(+) |
| |
| diff --git a/src/receive.c b/src/receive.c |
| index 043c9f2..6bca9f4 100644 |
| --- a/src/receive.c |
| +++ b/src/receive.c |
| @@ -169,6 +169,11 @@ static inline void handle_socket_receive_known( |
| |
| case PACKET_HANDSHAKE: |
| fastd_handshake_handle(sock, local_addr, remote_addr, peer, buffer); |
| + break; |
| + |
| + default: |
| + fastd_buffer_free(buffer); |
| + pr_debug("received packet with invalid type from %P[%I]", peer, remote_addr); |
| } |
| } |
| |
| @@ -195,6 +200,11 @@ static inline void handle_socket_receive_unknown( |
| |
| case PACKET_HANDSHAKE: |
| fastd_handshake_handle(sock, local_addr, remote_addr, NULL, buffer); |
| + break; |
| + |
| + default: |
| + fastd_buffer_free(buffer); |
| + pr_debug("received packet with invalid type from unknown address %I", remote_addr); |
| } |
| } |
| |
