Additional buffer bounds checks

[govpn.git] / src / govpn / peer.go

diff --git a/src/govpn/peer.go b/src/govpn/peer.go
index 091801850f5f87478c19a2e51010702f77dc93e1..1097eacf030975378344b30557bdc7d4ae4915c8 100644 (file)
--- a/src/govpn/peer.go
+++ b/src/govpn/peer.go
@@ -260,6 +260,9 @@ func (p *Peer) EthProcess(data []byte) {
 }
 
 func (p *Peer) PktProcess(data []byte, tap io.Writer, reorderable bool) bool {
+       if len(data) < MinPktLength {
+               return false
+       }
        p.BusyR.Lock()
        for i := 0; i < SSize; i++ {
                p.bufR[i] = byte(0)
@@ -327,6 +330,9 @@ func (p *Peer) PktProcess(data []byte, tap io.Writer, reorderable bool) bool {
                p.BusyR.Unlock()
                return true
        }
+       if int(p.pktSizeR) > len(data) - MinPktLength {
+               return false
+       }
        p.BytesPayloadIn += int64(p.pktSizeR)
        tap.Write(p.bufR[S20BS+PktSizeSize : S20BS+PktSizeSize+p.pktSizeR])
        p.BusyR.Unlock()